last executing test programs: 2.364862741s ago: executing program 0 (id=816): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108) 2.309350966s ago: executing program 0 (id=819): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xf, &(0x7f00000001c0)=@ringbuf, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) syz_emit_ethernet(0x8a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6000000000541100fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/131, 0x83}}], 0x400000000000205, 0x40002041, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/mcfilter6\x00') r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r5, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffefffb, 0x0, "da6cd1122d1d837f65d3fe6ba6439cddec04ed"}) ioctl$TIOCL_PASTESEL(r5, 0x541c, &(0x7f0000000000)) lseek(r4, 0x8, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$KDSKBENT(r7, 0x4b47, &(0x7f0000000000)={0x1}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) r8 = getuid() syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x3, &(0x7f0000000100)={[{@resuid={'resuid', 0x3d, r8}}]}, 0x1, 0x3e6, &(0x7f0000000880)="$eJzs3E1rHGUcAPD/TN7atHYjCIpeAh4akeatFg2ILxdPKgU99Bo2SaluE0lWtO0eKgqCB0HQD+DBT+FBD34BP4MXKRbNpRUvK7M7s26anTYxm06T/n7wMM/zzGyf578zHf4z2ZkAHlvTEfFGRIxExGJE1PL+NC9xs1uy7e5ut+p/b7fqSbTb7/2ZRBIRd7Zb9eLfSvLlqbwxk0akX0Q8d3P3uFvXrn+43GisbubtuebVj+a2rl0/d+Xq8uXVy6vr51+ef2VxaXFpYX44gRaTu/Hu518vfffT0+f+mcm6Tufd/XEMy3RMnylbd2HYg1VsvOoJAACwJ2me+4928v9ajHRqXbWYa1U6OQAAAGAo2q/ny/aliTYAAABwTCXRXX5yIaLquQAAAACHofgdwJ3tVr0oFf4c4aG7/WZETHXjv5uX7prROJFvM3aIz7dOR8TFG998kJU4pOeQAQD6/ZzlP/OD8r80nunbbiKikw+dHPL40/e0d+c/6a0hD7lDlv+9mr/bZmf+lxabTI3krSc6qeJYsnalsTofEWciYibGJrL2wn3GmHrr17/K1vXnf1nJxi9ywXwet0Yndn5mZbm5fJCY+93+LOLZ0UHxJ738N4mIyQOMsfDHpSzFHujB8R+u9vcRZ18bHH8huf/7ieY6x8NccVTs9uPFr7bKxq86/mz/Tw48/nvxTyX972sqjaTcOy98uVa27v8e/+PJ+516cV326XKzubkQMZ68vbt/8b/PFu1i+yz+mecH//8vzn9J/k6r0/k5YL/OTpSvexT2/8q+9v/+K5Obv/1SNv7e9v9LndpM3rOX899eJ3iQ7w4AAACOirRzXyNJZ3v1NJ2d7d7veCom08bGVvPFtY2P11e69z+mYiwt7nTV+u6HLnT/jN5rL97TPh8RT0bEt7WTnfZsfaOxUnXwAAAA8Jg4VXL9n/m9VvXsAAAAgKEpezgHAAAAOD5c/wMAAMCxdpD3+qkMpTIWvZ4T8QjM50hURuPBPUerkkREtdPYiOj7DiPih/WqT08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABH1r8BAAD//z4UxNw=") 1.698216054s ago: executing program 2 (id=822): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 1.686908955s ago: executing program 4 (id=824): r0 = creat(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37}, 0x20) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xa, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x2, 0x1}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20) 1.565356705s ago: executing program 3 (id=826): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x3, @none}, 0xe) 1.557275746s ago: executing program 2 (id=827): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r1) fsetxattr$security_evm(r0, &(0x7f0000002200), 0x0, 0x0, 0x0) 1.486149741s ago: executing program 2 (id=829): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108) 1.485573141s ago: executing program 3 (id=830): socket$key(0xf, 0x3, 0x2) r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe) keyctl$update(0x2, r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_UID={0x8, 0x19, 0xffffffffffffffff}]}, 0x24}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) io_setup(0x83, &(0x7f00000003c0)=0x0) io_submit(r2, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101}}) 1.477113192s ago: executing program 2 (id=831): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) fallocate(r1, 0x0, 0x0, 0x1000f4) r3 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x90e976db910956fe, 0x4002011, r3, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r4 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r4, &(0x7f0000000080), 0x208e24b) fallocate(r0, 0x3, 0x0, 0x1a00) 1.388937589s ago: executing program 0 (id=832): dup(0xffffffffffffffff) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file2'}, 0xb) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0a7c90f326ff9c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c14ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b6bd2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4846e9fc09ce0afb670f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e73130600d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f4a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d915837d1f2e04596d82f6ea3e41d81c1ffffffff00000000ef2cb5fd9149a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294ce89fcb8ef4fbd874f13f9cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac9783bd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e080000000000000036b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29c5e9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e40ae05b10a79f77dc9db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb3502734137ff47257f164391c673996b090e9a8b28cb66dd1c8d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000636c77fbac141416e000030a44080503fe80000000000000845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 1.388560619s ago: executing program 4 (id=833): creat(&(0x7f0000000e00)='./file0\x00', 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) 1.37821265s ago: executing program 4 (id=834): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x81340a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) open_tree(r0, &(0x7f0000000240)='./file0/../file0\x00', 0x0) umount2(&(0x7f0000000700)='./file0/../file0\x00', 0x0) 1.356072631s ago: executing program 3 (id=835): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000280)=@filename='\x00', 0x0, &(0x7f00000001c0)='./file1\x00') 1.228828882s ago: executing program 3 (id=836): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f00000009c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d1", @ANYRESHEX], 0x0, 0x2a8, &(0x7f0000000580)="$eJzs3c1qA1UUAOAzSZpGXSSIG0VwQBeuSuvWTaNUELtSIqgbg21BklJoIWAFa1d9Apfia/gIrn0Dwa3grl1URiYz0yQ2qbG/YL8PSi9z77lzck9IVjnz5ev7g52DJE7Pf4tWK4naZmzGRRKdqEXl+2gEAPD/cZFl8WdWjJPybzmN2sNlBQA8pOL7v/DUuQAAj+OTzz7/qLu9vfVxmrbi1fbZqJdExP7ZqFfMd/fi6xjGbqxHOy4jsivF+IMPt7eikeY68db+yag3mtm/+0fEOH4j2tGZH7+RFsr4XkT+fyVejDS6eyvVVu14ZX78O3Pio9eMt9+cyn8t2vHrV3EQw9iJPHYS/91Gmr6f/XD+7Rf5bfL4pBa91fG6iaz+OBUBAAAAAAAAAAAAAAAAAAAAAOA5WEvTpGjfM+7fk18q++/UL8fza2mlM9ufp4i/6hdc9AfKomzRc5LFj1V/nfU0TbNy4SS+Ea81PFgAAAAAAAAAAAAAAAAAAAAAckffHA/6w+Hu4Z0H9UF/WHUDqH7Wf9sNN6euvBHHg3598Yary99ruttAnuuNi6PRiHs4lmUGL+T5LFjzU5nvf995dVLcT8vwqjD3+ipefu8qw7Scqg550E/+7V6tqnA/T08147b5jGs73D3Mxm+Jy2y2pq0Fh9m8p9NovjR36q8sy5bb593fixqVV5Jxi43l7r5SDha+W1rXa/HL4g0XfmTU7/qZAwAAAAAAAAAAAAAAAAAAzDf7w+l/OL0xtPZgSQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI5s8/78atCJi9sq1wUkZfNOactCMw6MnfokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8A38HAAD//xorSR0=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r1 = openat(r0, &(0x7f0000000280)='.\x00', 0x0, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, 0x0) 1.184920145s ago: executing program 4 (id=837): prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0) syz_clone3(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCADDRT(r1, 0x8918, &(0x7f0000000100)={0x0, {0x2, 0x0, @remote}, {0x2, 0x0, @loopback=0x7f000002}, {0x2, 0x0, @dev}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10) r2 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$KDDELIO(r2, 0x4b35, 0x8000000000000001) open(&(0x7f0000000000)='.\x00', 0x0, 0x0) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0) r3 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io(r3, 0x0, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) timer_create(0x9, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x989680}}, &(0x7f0000000200)) ioctl$KDSKBLED(r4, 0x4b65, 0x6) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) 726.079322ms ago: executing program 3 (id=838): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 704.384234ms ago: executing program 3 (id=839): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040630420b300000000000109022400010000000009040000020300000009210000000122070009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000680)={0x0, 0x0, 0x7, {0x7, 0x0, "c827831962"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 610.058121ms ago: executing program 4 (id=840): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) pwritev(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x8001, 0x0) write$cgroup_int(r0, &(0x7f00000000c0)=0x7, 0x12) 525.478037ms ago: executing program 4 (id=842): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xf, &(0x7f00000001c0)=@ringbuf, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) syz_emit_ethernet(0x8a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6000000000541100fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/131, 0x83}}], 0x400000000000205, 0x40002041, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/mcfilter6\x00') r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r5, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffefffb, 0x0, "da6cd1122d1d837f65d3fe6ba6439cddec04ed"}) ioctl$TIOCL_PASTESEL(r5, 0x541c, &(0x7f0000000000)) lseek(r4, 0x8, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$KDSKBENT(r7, 0x4b47, &(0x7f0000000000)={0x1}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) r8 = getuid() syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x3, &(0x7f0000000100)={[{@resuid={'resuid', 0x3d, r8}}]}, 0x1, 0x3e6, &(0x7f0000000880)="$eJzs3E1rHGUcAPD/TN7atHYjCIpeAh4akeatFg2ILxdPKgU99Bo2SaluE0lWtO0eKgqCB0HQD+DBT+FBD34BP4MXKRbNpRUvK7M7s26anTYxm06T/n7wMM/zzGyf578zHf4z2ZkAHlvTEfFGRIxExGJE1PL+NC9xs1uy7e5ut+p/b7fqSbTb7/2ZRBIRd7Zb9eLfSvLlqbwxk0akX0Q8d3P3uFvXrn+43GisbubtuebVj+a2rl0/d+Xq8uXVy6vr51+ef2VxaXFpYX44gRaTu/Hu518vfffT0+f+mcm6Tufd/XEMy3RMnylbd2HYg1VsvOoJAACwJ2me+4928v9ajHRqXbWYa1U6OQAAAGAo2q/ny/aliTYAAABwTCXRXX5yIaLquQAAAACHofgdwJ3tVr0oFf4c4aG7/WZETHXjv5uX7prROJFvM3aIz7dOR8TFG998kJU4pOeQAQD6/ZzlP/OD8r80nunbbiKikw+dHPL40/e0d+c/6a0hD7lDlv+9mr/bZmf+lxabTI3krSc6qeJYsnalsTofEWciYibGJrL2wn3GmHrr17/K1vXnf1nJxi9ywXwet0Yndn5mZbm5fJCY+93+LOLZ0UHxJ738N4mIyQOMsfDHpSzFHujB8R+u9vcRZ18bHH8huf/7ieY6x8NccVTs9uPFr7bKxq86/mz/Tw48/nvxTyX972sqjaTcOy98uVa27v8e/+PJ+516cV326XKzubkQMZ68vbt/8b/PFu1i+yz+mecH//8vzn9J/k6r0/k5YL/OTpSvexT2/8q+9v/+K5Obv/1SNv7e9v9LndpM3rOX899eJ3iQ7w4AAACOirRzXyNJZ3v1NJ2d7d7veCom08bGVvPFtY2P11e69z+mYiwt7nTV+u6HLnT/jN5rL97TPh8RT0bEt7WTnfZsfaOxUnXwAAAA8Jg4VXL9n/m9VvXsAAAAgKEpezgHAAAAOD5c/wMAAMCxdpD3+qkMpTIWvZ4T8QjM50hURuPBPUerkkREtdPYiOj7DiPih/WqT08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABH1r8BAAD//z4UxNw=") 525.310698ms ago: executing program 1 (id=843): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000001c0)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x40106308}], 0x0, 0x0, 0x0}) 509.660489ms ago: executing program 0 (id=844): creat(&(0x7f0000000e00)='./file0\x00', 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) 500.28256ms ago: executing program 2 (id=845): socket$key(0xf, 0x3, 0x2) r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe) keyctl$update(0x2, r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_UID={0x8, 0x19, 0xffffffffffffffff}]}, 0x24}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) io_setup(0x83, &(0x7f00000003c0)=0x0) io_submit(r2, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101}}) 499.92249ms ago: executing program 1 (id=846): open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x6, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=") ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000440)={0x1, 0x0, [{0x0, 0x0, 0x0}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000400)='cgroup.procs\x00', 0x2, 0x0) r2 = syz_clone(0x0, &(0x7f0000000600), 0x0, 0x0, &(0x7f0000000500), 0x0) write$cgroup_pid(r1, &(0x7f0000000080)=r2, 0x12) 471.439462ms ago: executing program 0 (id=847): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000280)=@filename='\x00', 0x0, &(0x7f00000001c0)='./file1\x00') 358.818541ms ago: executing program 1 (id=848): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r1, 0x400455c8, 0x1000001) 354.748881ms ago: executing program 0 (id=849): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f00000009c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d1", @ANYRESHEX], 0x0, 0x2a8, &(0x7f0000000580)="$eJzs3c1qA1UUAOAzSZpGXSSIG0VwQBeuSuvWTaNUELtSIqgbg21BklJoIWAFa1d9Apfia/gIrn0Dwa3grl1URiYz0yQ2qbG/YL8PSi9z77lzck9IVjnz5ev7g52DJE7Pf4tWK4naZmzGRRKdqEXl+2gEAPD/cZFl8WdWjJPybzmN2sNlBQA8pOL7v/DUuQAAj+OTzz7/qLu9vfVxmrbi1fbZqJdExP7ZqFfMd/fi6xjGbqxHOy4jsivF+IMPt7eikeY68db+yag3mtm/+0fEOH4j2tGZH7+RFsr4XkT+fyVejDS6eyvVVu14ZX78O3Pio9eMt9+cyn8t2vHrV3EQw9iJPHYS/91Gmr6f/XD+7Rf5bfL4pBa91fG6iaz+OBUBAAAAAAAAAAAAAAAAAAAAAOA5WEvTpGjfM+7fk18q++/UL8fza2mlM9ufp4i/6hdc9AfKomzRc5LFj1V/nfU0TbNy4SS+Ea81PFgAAAAAAAAAAAAAAAAAAAAAckffHA/6w+Hu4Z0H9UF/WHUDqH7Wf9sNN6euvBHHg3598Yary99ruttAnuuNi6PRiHs4lmUGL+T5LFjzU5nvf995dVLcT8vwqjD3+ipefu8qw7Scqg550E/+7V6tqnA/T08147b5jGs73D3Mxm+Jy2y2pq0Fh9m8p9NovjR36q8sy5bb593fixqVV5Jxi43l7r5SDha+W1rXa/HL4g0XfmTU7/qZAwAAAAAAAAAAAAAAAAAAzDf7w+l/OL0xtPZgSQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI5s8/78atCJi9sq1wUkZfNOactCMw6MnfokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8A38HAAD//xorSR0=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r1 = openat(r0, &(0x7f0000000280)='.\x00', 0x0, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, 0x0) 285.981567ms ago: executing program 2 (id=850): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 21.777038ms ago: executing program 1 (id=852): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) pwritev(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x8001, 0x0) write$cgroup_int(r0, &(0x7f00000000c0)=0x7, 0x12) 9.278229ms ago: executing program 1 (id=853): unshare(0x6040400) write$tun(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="000000006089deb900de2f00fe8000000000000000000000000000bbfc0100000000000000000000000000000420880b00000000000008006adb19008086ddbc53d916c5f16fd89876354cbfd1e5cc9c321c9b446c173dd18e15f2b20a32982c5984f42abedcae02bbafc0946ebb96b4dcac914327c772b9bee074397f41520b1d1bd57920db591426d212404e19ad9e461270d1aca13a1f1a279794c6e003b74c18e2b45fb11fd3fbb51d06d32f2444eb69f06b47850125a8b92725b95ff25247d82afd8339465c47b61531b1caf43651f07567bb63080088be00000000100000000100000000000000080022eb0000000020"], 0x10a) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x8001}, 0x0) 0s ago: executing program 1 (id=854): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000011000000350000000000ba00850000007d00000095000000000000004cf12aa56cd90200f81f06a9cf64f5e0a141d524581835d8050864d20000000201000000fa22beb5cf918d4aec9a100d4bb065b956a1cd1101257520ea98165b61a3cf5fc634f2cadd8442230e7953f91136aa1f7035175106000000000060777a5a000097cbe5158a10861aaa1c00009ebaf9dce435554bc34e6bdea4217ce4a98af8ad0887c697acd962002000ff00e34f0a9c13ecee6156c599c7b293de0019b27de967bfb3fe241454a04080bf668ce021879c820f9b80fe2338a894113532b18ac144000000000000000000390bd00cff614f220083e0722cca51902e7a6fe8e982302a55655058f6a7d0d6e137cd1333fe7fac2a4ba587855d78c85597da7a84de6abc5c5518653f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x27, &(0x7f00000004c0)=""/153}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0x0, 0xe, 0xfffffffffffffd85, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x739d}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000200), 0x0}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r2, 0x541c, &(0x7f0000000000)) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet_opts(r3, 0x0, 0xd, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x31, 0x0, 0x0) sendmmsg$inet6(r3, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$UI_SET_KEYBIT(r4, 0x40045565, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000dc0)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445ffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451bb1539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f48002c92f1859eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000400ff2ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c18270d0ba5f9b4331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b00000000e2794269310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c4146a2e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e7300000000000095bf527e96ca82a73254cee6f9cecc7714e80691e6ec7d7528520abeecbc6cbc8ccb6ff1cf6db6991dd93280eaf450af67a3d83b832d4ea9e63bde4f670d1c7ba3052ba1c49d91bd09a09aa3a9e80501369eef5c6376d7b78453cc86d73b7847313974aeddb13fe66e585fc9c3d037c2e453e0e43bbf75ba9cecc9b984ea23090e7a06c3de187d34d9e62ddac6c6bb67e31715da333b910a031fa204c908c8c81ce49a203f08b640"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x90) ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x94) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='-]-!\\-%)}$\x00') bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r5, 0xc0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r6}, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2f00020b, 0x809, 0x2f000000, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) ioctl$UI_DEV_CREATE(r4, 0x4008556c) kernel console output (not intermixed with test programs): dev="devtmpfs" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 27.958136][ T583] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 27.964461][ T23] audit: type=1400 audit(1719983458.510:132): avc: denied { open } for pid=581 comm="syz.4.78" path="/dev/kvm" dev="devtmpfs" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 27.979964][ T568] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 28.103163][ T594] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.71: bg 0: block 234: padding at end of block bitmap is not set [ 28.123806][ T594] EXT4-fs (loop0): Remounting filesystem read-only [ 28.173007][ T593] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 28.193252][ T593] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038 (0x7fffffff) [ 28.983352][ T603] blk_update_request: I/O error, dev loop7, sector 2696 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0 [ 29.001056][ T605] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 29.015728][ T605] Buffer I/O error on dev loop7, logical block 0, async page read [ 29.023790][ T605] loop7: unable to read partition table [ 29.030187][ T605] loop7: partition table beyond EOD, truncated [ 29.045693][ T605] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 29.136043][ T611] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 29.159924][ T611] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 29.196283][ T611] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016e118, mo2=0002] [ 29.214371][ T611] System zones: 1-12 [ 29.225302][ T611] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2221: inode #15: comm syz.2.85: corrupted in-inode xattr [ 29.241833][ T611] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz.2.85: couldn't read orphan inode 15 (err -117) [ 29.488150][ T611] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,data_err=abort,debug,noload,mblk_io_submit,nouid32,init_itable=0x0000000000000601,grpquota,,errors=continue [ 30.710464][ T656] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 30.739128][ T656] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 31.111127][ T682] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 31.123180][ T682] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 31.124726][ T678] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 31.136322][ T682] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016e118, mo2=0002] [ 31.140750][ T678] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e018, mo2=0000] [ 31.148181][ T682] System zones: 1-12 [ 31.154783][ T678] System zones: 0-1, 3-12 [ 31.159988][ T682] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2221: inode #15: comm syz.1.106: corrupted in-inode xattr [ 31.164039][ T678] EXT4-fs (loop0): orphan cleanup on readonly fs [ 31.175168][ T682] EXT4-fs error (device loop1): ext4_orphan_get:1240: comm syz.1.106: couldn't read orphan inode 15 (err -117) [ 31.186864][ T678] EXT4-fs error (device loop0): ext4_ext_check_inode:540: inode #3: comm syz.0.105: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 3(4), depth 0(0) [ 31.191817][ T378] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 31.209832][ T678] EXT4-fs error (device loop0): ext4_quota_enable:6059: comm syz.0.105: Bad quota inode: 3, type: 0 [ 31.216667][ T682] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,data_err=abort,debug,noload,mblk_io_submit,nouid32,init_itable=0x0000000000000601,grpquota,,errors=continue [ 31.229811][ T678] EXT4-fs warning (device loop0): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 31.260264][ T678] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 31.266906][ T678] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable,debug,,errors=continue [ 31.777928][ T378] usb 4-1: Using ep0 maxpacket: 8 [ 32.059166][ T23] kauditd_printk_skb: 22 callbacks suppressed [ 32.059258][ T23] audit: type=1326 audit(1719983462.630:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=698 comm="syz.2.111" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff43375db99 code=0x0 [ 32.127580][ T378] usb 4-1: config 0 has no interfaces? [ 32.132921][ T378] usb 4-1: New USB device found, idVendor=03eb, idProduct=2002, bcdDevice= 1.00 [ 32.150971][ T378] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.167226][ T378] usb 4-1: config 0 descriptor?? [ 32.258193][ T23] audit: type=1400 audit(1719983462.830:156): avc: denied { write } for pid=710 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 32.282806][ T23] audit: type=1400 audit(1719983462.850:157): avc: denied { nlmsg_write } for pid=710 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 32.358646][ T23] audit: type=1400 audit(1719983462.850:158): avc: denied { create } for pid=710 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 32.426576][ T389] usb 4-1: USB disconnect, device number 2 [ 32.873806][ T713] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 32.881408][ T713] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 32.892020][ T713] F2FS-fs (loop0): invalid crc value [ 32.927877][ T715] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 33.178570][ T713] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 33.185522][ T713] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 33.230067][ T715] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 33.291302][ T730] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 33.299433][ T730] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e018, mo2=0000] [ 33.307973][ T730] System zones: 0-1, 3-12 [ 33.315563][ T730] EXT4-fs (loop4): orphan cleanup on readonly fs [ 33.322129][ T730] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #3: comm syz.4.119: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 3(4), depth 0(0) [ 33.347925][ T730] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.119: Bad quota inode: 3, type: 0 [ 33.362835][ T730] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 33.384525][ T730] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 33.395391][ T730] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable,debug,,errors=continue [ 33.418843][ T740] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz.2.116: bg 0: block 234: padding at end of block bitmap is not set [ 33.459348][ T740] EXT4-fs (loop2): Remounting filesystem read-only [ 33.507874][ T744] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 33.524843][ T742] syz.3.122[742] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 33.524901][ T742] syz.3.122[742] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 33.753853][ T23] audit: type=1400 audit(1719983464.320:159): avc: denied { read write } for pid=755 comm="syz.4.127" name="fuse" dev="devtmpfs" ino=9190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 33.790220][ T23] audit: type=1400 audit(1719983464.340:160): avc: denied { open } for pid=755 comm="syz.4.127" path="/dev/fuse" dev="devtmpfs" ino=9190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 33.815936][ T125] blk_update_request: I/O error, dev loop7, sector 2304 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 33.823754][ T23] audit: type=1400 audit(1719983464.360:161): avc: denied { unmount } for pid=349 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 33.827149][ T125] Buffer I/O error on dev loop7, logical block 288, lost async page write [ 33.905960][ T767] kvm [766]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x3, nop [ 34.742438][ T774] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 34.750030][ T774] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 34.789119][ T774] F2FS-fs (loop0): invalid crc value [ 34.802134][ T776] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 34.813186][ T776] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e018, mo2=0000] [ 34.821400][ T776] System zones: 0-1, 3-12 [ 34.826138][ T776] EXT4-fs (loop3): orphan cleanup on readonly fs [ 34.833674][ T776] EXT4-fs error (device loop3): ext4_ext_check_inode:540: inode #3: comm syz.3.132: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 3(4), depth 0(0) [ 34.858554][ T788] syz.2.136[788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.858612][ T788] syz.2.136[788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.870851][ T793] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 34.906477][ T774] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 34.913417][ T774] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 34.946860][ T776] EXT4-fs error (device loop3): ext4_quota_enable:6059: comm syz.3.132: Bad quota inode: 3, type: 0 [ 35.309836][ T776] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 35.337214][ T776] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 35.344058][ T776] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,debug,,errors=continue [ 35.357602][ T23] audit: type=1400 audit(1719983465.900:162): avc: denied { mount } for pid=797 comm="syz.1.137" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 35.744572][ T807] kvm [806]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x3, nop [ 35.768609][ T23] audit: type=1400 audit(1719983466.340:163): avc: denied { append } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=861 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 35.821899][ T813] device batadv_slave_0 entered promiscuous mode [ 35.824961][ T23] audit: type=1400 audit(1719983466.340:164): avc: denied { open } for pid=144 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=861 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 35.835431][ T812] device batadv_slave_0 left promiscuous mode [ 36.775444][ T829] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 36.829978][ T815] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.838707][ T815] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.846243][ T815] device bridge_slave_0 entered promiscuous mode [ 36.898050][ T815] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.904970][ T815] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.003183][ T815] device bridge_slave_1 entered promiscuous mode [ 37.822127][ T844] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 37.829682][ T844] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 37.835674][ T849] device batadv_slave_0 entered promiscuous mode [ 37.839476][ T388] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 37.851738][ T844] F2FS-fs (loop0): invalid crc value [ 37.879609][ T23] kauditd_printk_skb: 4 callbacks suppressed [ 37.879619][ T23] audit: type=1400 audit(1719983468.450:169): avc: denied { create } for pid=846 comm="syz.1.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 37.907449][ T848] device batadv_slave_0 left promiscuous mode [ 37.947097][ T23] audit: type=1400 audit(1719983468.470:170): avc: denied { setopt } for pid=846 comm="syz.1.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 37.972192][ T844] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 37.979406][ T844] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 38.004932][ T23] audit: type=1400 audit(1719983468.480:171): avc: denied { write } for pid=846 comm="syz.1.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 38.054233][ T23] audit: type=1400 audit(1719983468.540:172): avc: denied { read } for pid=846 comm="syz.1.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 38.076026][ T860] netlink: 40 bytes leftover after parsing attributes in process `syz.2.156'. [ 38.096255][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.103394][ T23] audit: type=1400 audit(1719983468.660:173): avc: denied { ioctl } for pid=859 comm="syz.2.156" path="socket:[15464]" dev="sockfs" ino=15464 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 38.129428][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.147639][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.155865][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.181251][ T389] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.188117][ T389] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.195899][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.208127][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.217930][ T389] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.224848][ T389] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.283730][ T866] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 38.299917][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.317626][ T388] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.339420][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.346572][ T388] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 38.360132][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.367689][ T388] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 38.367703][ T388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.369078][ T388] usb 5-1: config 0 descriptor?? [ 38.384914][ T23] audit: type=1326 audit(1719983468.950:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=869 comm="syz.1.163" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09dc93bb99 code=0x0 [ 38.414933][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.428860][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.437020][ T179] device bridge_slave_1 left promiscuous mode [ 38.443142][ T179] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.450537][ T179] device bridge_slave_0 left promiscuous mode [ 38.456528][ T179] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.529960][ T874] device batadv_slave_0 entered promiscuous mode [ 38.537367][ T873] device batadv_slave_0 left promiscuous mode [ 38.555681][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 38.567420][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.600997][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.609128][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.629307][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 38.638268][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.653941][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.662400][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.696672][ T23] audit: type=1400 audit(1719983469.250:175): avc: denied { mounton } for pid=815 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=11613 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 38.904831][ T124] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 39.039467][ T388] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 39.049556][ T388] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 39.178140][ T124] usb 3-1: Using ep0 maxpacket: 16 [ 39.252625][ T388] usb 5-1: USB disconnect, device number 2 [ 39.279879][ T895] netlink: 40 bytes leftover after parsing attributes in process `syz.3.169'. [ 39.297701][ T124] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.468992][ T903] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 39.828379][ T125] blk_update_request: I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.837673][ T124] usb 3-1: New USB device found, idVendor=046d, idProduct=0821, bcdDevice=57.47 [ 39.839800][ T125] Buffer I/O error on dev loop7, logical block 640, lost async page write [ 39.848449][ T904] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 39.856807][ T125] blk_update_request: I/O error, dev loop7, sector 5128 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.864326][ T904] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 39.876215][ T125] Buffer I/O error on dev loop7, logical block 641, lost async page write [ 39.883948][ T124] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 39.892847][ T125] blk_update_request: I/O error, dev loop7, sector 5136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.902918][ T124] usb 3-1: Product: syz [ 39.914822][ T124] usb 3-1: Manufacturer: syz [ 39.914835][ T124] usb 3-1: SerialNumber: syz [ 39.921935][ T125] Buffer I/O error on dev loop7, logical block 642, lost async page write [ 39.931066][ T124] usb 3-1: config 0 descriptor?? [ 39.932538][ T125] blk_update_request: I/O error, dev loop7, sector 5144 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.948164][ T904] F2FS-fs (loop3): invalid crc value [ 39.948171][ T125] Buffer I/O error on dev loop7, logical block 643, lost async page write [ 39.948210][ T125] blk_update_request: I/O error, dev loop7, sector 5152 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.971837][ T124] uvcvideo: Found UVC 0.00 device syz (046d:0821) [ 39.972877][ T125] Buffer I/O error on dev loop7, logical block 644, lost async page write [ 39.987598][ T125] blk_update_request: I/O error, dev loop7, sector 5160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 39.999053][ T125] Buffer I/O error on dev loop7, logical block 645, lost async page write [ 40.007372][ T125] blk_update_request: I/O error, dev loop7, sector 5168 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 40.018527][ T904] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 40.018703][ T125] Buffer I/O error on dev loop7, logical block 646, lost async page write [ 40.025568][ T904] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 40.035811][ T125] blk_update_request: I/O error, dev loop7, sector 5176 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 40.042620][ T124] uvcvideo: No valid video chain found. [ 40.052375][ T125] Buffer I/O error on dev loop7, logical block 647, lost async page write [ 40.052419][ T125] blk_update_request: I/O error, dev loop7, sector 5184 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 40.077387][ T125] Buffer I/O error on dev loop7, logical block 648, lost async page write [ 40.086216][ T125] blk_update_request: I/O error, dev loop7, sector 5192 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 40.098043][ T125] Buffer I/O error on dev loop7, logical block 649, lost async page write [ 40.156687][ T918] device batadv_slave_0 entered promiscuous mode [ 40.168523][ T917] device batadv_slave_0 left promiscuous mode [ 40.174967][ T124] usb 3-1: USB disconnect, device number 2 [ 40.208418][ T23] audit: type=1326 audit(1719983470.780:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=923 comm="syz.0.178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7740997b99 code=0x0 [ 40.250067][ T23] audit: type=1400 audit(1719983470.810:177): avc: denied { write } for pid=926 comm="syz.4.179" name="/" dev="incremental-fs" ino=15294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 40.277703][ T23] audit: type=1400 audit(1719983470.810:178): avc: denied { add_name } for pid=926 comm="syz.4.179" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 40.333632][ T931] netlink: 12 bytes leftover after parsing attributes in process `syz.1.177'. [ 40.687756][ T5] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 40.742988][ T933] netlink: 40 bytes leftover after parsing attributes in process `syz.3.181'. [ 41.290801][ T5] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 41.319031][ T5] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 41.332546][ T5] usb 5-1: New USB device found, idVendor=0582, idProduct=d728, bcdDevice=a0.a7 [ 41.341750][ T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.353642][ T5] usb 5-1: config 0 descriptor?? [ 41.643901][ T5] usb 5-1: USB disconnect, device number 3 [ 41.721481][ T966] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 41.739178][ T966] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 41.826338][ T971] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz.3.192: bg 0: block 234: padding at end of block bitmap is not set [ 41.840667][ T971] EXT4-fs (loop3): Remounting filesystem read-only [ 42.238582][ T5] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 42.378337][ T999] netlink: 12 bytes leftover after parsing attributes in process `syz.0.199'. [ 42.562971][ T998] loop7: unable to read partition table [ 42.572138][ T998] loop7: partition table beyond EOD, truncated [ 42.587683][ T998] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 42.657576][ T5] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 42.672922][ T5] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 42.682947][ T5] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.704656][ T5] usb 3-1: config 0 descriptor?? [ 42.732153][ T1009] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 42.776496][ T5] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 43.012215][ T5] uvcvideo: No valid video chain found. [ 43.018370][ T5] usb 3-1: USB disconnect, device number 3 [ 43.026211][ T1009] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 43.115959][ T1018] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.206: bg 0: block 234: padding at end of block bitmap is not set [ 43.137770][ T1018] EXT4-fs (loop4): Remounting filesystem read-only [ 43.474264][ T388] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 43.602201][ T23] kauditd_printk_skb: 1 callbacks suppressed [ 43.602213][ T23] audit: type=1400 audit(1719983474.170:180): avc: denied { write } for pid=1040 comm="syz.1.217" name="ppp" dev="devtmpfs" ino=9279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 43.735201][ T23] audit: type=1400 audit(1719983474.300:181): avc: denied { read } for pid=1050 comm="syz.4.221" name="event0" dev="devtmpfs" ino=823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 43.758579][ T23] audit: type=1400 audit(1719983474.300:182): avc: denied { open } for pid=1050 comm="syz.4.221" path="/dev/input/event0" dev="devtmpfs" ino=823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 43.783867][ T23] audit: type=1400 audit(1719983474.300:183): avc: denied { write } for pid=1050 comm="syz.4.221" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 43.810104][ T1053] netlink: 12 bytes leftover after parsing attributes in process `syz.1.219'. [ 43.887713][ T388] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 43.898268][ T388] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 43.912592][ T388] usb 4-1: New USB device found, idVendor=0582, idProduct=d728, bcdDevice=a0.a7 [ 43.922784][ T388] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.935239][ T388] usb 4-1: config 0 descriptor?? [ 44.056496][ T1057] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 44.082856][ T1057] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 44.164357][ T1066] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.223: bg 0: block 234: padding at end of block bitmap is not set [ 44.181795][ T389] usb 4-1: USB disconnect, device number 3 [ 44.182404][ T1066] EXT4-fs (loop0): Remounting filesystem read-only [ 44.417557][ T388] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 44.499108][ T1075] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 44.509010][ T1075] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038 (0x7fffffff) [ 44.547633][ T18] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 44.575367][ T23] audit: type=1400 audit(1719983475.140:184): avc: denied { ioctl } for pid=1081 comm="syz.2.230" path="socket:[16855]" dev="sockfs" ino=16855 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 44.629890][ T1084] attempt to access beyond end of device [ 44.629890][ T1084] loop1: rw=2049, want=260, limit=256 [ 44.641272][ T1084] attempt to access beyond end of device [ 44.641272][ T1084] loop1: rw=2049, want=260, limit=256 [ 44.808015][ T18] usb 1-1: Using ep0 maxpacket: 8 [ 44.848131][ T388] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 44.909223][ T388] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 44.929727][ T388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.942486][ T388] usb 5-1: config 0 descriptor?? [ 44.950871][ T18] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 44.976975][ T18] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 44.987640][ T388] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 45.001601][ T388] uvcvideo: No valid video chain found. [ 45.007176][ T18] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 45.029975][ T1097] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 45.053780][ T1097] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf, [ 45.121673][ T23] audit: type=1326 audit(1719983475.690:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.3.240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0f1ac5fb99 code=0x0 [ 45.144340][ T18] usb 1-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 45.154956][ T1107] EXT4-fs error (device loop1): ext4_validate_block_bitmap:418: comm syz.1.237: bg 0: block 234: padding at end of block bitmap is not set [ 45.168987][ T18] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 45.169167][ T1107] EXT4-fs (loop1): Remounting filesystem read-only [ 45.178044][ T18] usb 1-1: SerialNumber: syz [ 45.197029][ T388] usb 5-1: USB disconnect, device number 4 [ 45.207598][ T1070] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 45.228503][ T18] hub 1-1:1.0: bad descriptor, ignoring hub [ 45.234344][ T18] hub: probe of 1-1:1.0 failed with error -5 [ 45.359176][ T1109] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 45.368092][ T1109] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038 (0x7fffffff) [ 45.436457][ T1070] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 45.532634][ T1118] netlink: 12 bytes leftover after parsing attributes in process `syz.1.242'. [ 45.775745][ T1121] attempt to access beyond end of device [ 45.775745][ T1121] loop2: rw=2049, want=260, limit=256 [ 45.787242][ T1121] attempt to access beyond end of device [ 45.787242][ T1121] loop2: rw=2049, want=260, limit=256 [ 46.213875][ T18] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 46.263880][ T1148] bridge0: port 3(gretap0) entered blocking state [ 46.270148][ T1148] bridge0: port 3(gretap0) entered disabled state [ 46.276995][ T1148] device gretap0 entered promiscuous mode [ 46.283539][ T1148] bridge0: port 3(gretap0) entered blocking state [ 46.289799][ T1148] bridge0: port 3(gretap0) entered forwarding state [ 46.305859][ T1148] device gretap0 left promiscuous mode [ 46.312106][ T1148] bridge0: port 3(gretap0) entered disabled state [ 46.949237][ T1137] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 46.961190][ T1137] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff) [ 46.971743][ T23] audit: type=1400 audit(1719983477.530:186): avc: denied { read } for pid=201 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 47.047652][ T18] usb 1-1: USB disconnect, device number 2 [ 47.063707][ T18] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 47.109937][ T1156] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 47.136265][ T1156] EXT4-fs error (device loop2): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 47.160164][ T1156] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 47.182976][ T1156] EXT4-fs (loop2): This should not happen!! Data will be lost [ 47.182976][ T1156] [ 47.192990][ T1156] EXT4-fs (loop2): Total free blocks count 0 [ 47.199298][ T1156] EXT4-fs (loop2): Free/Dirty block details [ 47.206720][ T23] audit: type=1326 audit(1719983477.770:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1191 comm="syz.3.263" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0f1ac5fb99 code=0x0 [ 47.227964][ T1156] EXT4-fs (loop2): free_blocks=68451041280 [ 47.236561][ T1156] EXT4-fs (loop2): dirty_blocks=16 [ 47.242509][ T1156] EXT4-fs (loop2): Block reservation details [ 47.248599][ T1156] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 47.307450][ T23] audit: type=1400 audit(1719983477.870:188): avc: denied { write } for pid=1205 comm="syz.1.265" name="uinput" dev="devtmpfs" ino=825 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 47.332444][ T1206] input: syz0 as /devices/virtual/input/input4 [ 47.332856][ T23] audit: type=1400 audit(1719983477.900:189): avc: denied { ioctl } for pid=1205 comm="syz.1.265" path="/dev/uinput" dev="devtmpfs" ino=825 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 47.363353][ T5] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 47.423317][ T1208] attempt to access beyond end of device [ 47.423317][ T1208] loop2: rw=2049, want=260, limit=256 [ 47.434818][ T1208] attempt to access beyond end of device [ 47.434818][ T1208] loop2: rw=2049, want=260, limit=256 [ 47.518545][ T1216] mmap: syz.2.268 (1216): VmData 29085696 exceed data ulimit 65536. Update limits or use boot option ignore_rlimit_data. [ 47.532935][ T1216] netlink: 44 bytes leftover after parsing attributes in process `syz.2.268'. [ 47.544781][ T1216] Module has invalid ELF structures [ 47.622543][ T1218] bridge0: port 3(gretap0) entered blocking state [ 47.628831][ T1218] bridge0: port 3(gretap0) entered disabled state [ 47.638096][ T1218] device gretap0 entered promiscuous mode [ 47.644489][ T1218] bridge0: port 3(gretap0) entered blocking state [ 47.650746][ T1218] bridge0: port 3(gretap0) entered forwarding state [ 47.679584][ T1218] device gretap0 left promiscuous mode [ 47.685477][ T1218] bridge0: port 3(gretap0) entered disabled state [ 47.958721][ T1231] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 47.975644][ T1231] EXT4-fs error (device loop2): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 47.990280][ T1231] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 48.002568][ T1231] EXT4-fs (loop2): This should not happen!! Data will be lost [ 48.002568][ T1231] [ 48.012438][ T1231] EXT4-fs (loop2): Total free blocks count 0 [ 48.018344][ T5] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 48.021936][ T1231] EXT4-fs (loop2): Free/Dirty block details [ 48.028281][ T5] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 48.034286][ T1231] EXT4-fs (loop2): free_blocks=68451041280 [ 48.043028][ T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.052563][ T1231] EXT4-fs (loop2): dirty_blocks=16 [ 48.061574][ T1231] EXT4-fs (loop2): Block reservation details [ 48.067435][ T1231] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 48.075230][ T5] usb 5-1: config 0 descriptor?? [ 48.128204][ T5] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 48.134993][ T5] uvcvideo: No valid video chain found. [ 48.256515][ T1237] EXT4-fs error (device loop3): ext4_ext_check_inode:540: inode #4: comm syz.3.275: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 48.278289][ T1237] EXT4-fs error (device loop3): ext4_quota_enable:6059: comm syz.3.275: Bad quota inode: 4, type: 1 [ 48.289473][ T1237] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 48.304445][ T1237] EXT4-fs (loop3): mount failed [ 49.387941][ T388] usb 5-1: USB disconnect, device number 5 [ 49.429268][ T5] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 49.453944][ T23] kauditd_printk_skb: 8 callbacks suppressed [ 49.453955][ T23] audit: type=1400 audit(1719983480.020:198): avc: denied { write } for pid=1256 comm="syz.1.282" name="kvm" dev="devtmpfs" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 49.531898][ T1260] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 49.557967][ T1260] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a802c09c, mo2=0000] [ 49.565658][ T1260] System zones: 0-2, 18-18, 34-34 [ 49.572394][ T1260] EXT4-fs (loop1): 1 orphan inode deleted [ 49.578409][ T1260] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,lazytime,nolazytime,noquota,jqfmt=vfsold,minixdf,init_itable=0x0000000000000002,grpid,debug,,errors=continue [ 49.608774][ T1260] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038 (0x7fffffff) [ 49.626613][ T23] audit: type=1400 audit(1719983480.190:199): avc: denied { setattr } for pid=1259 comm="syz.1.283" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 49.680952][ T1269] syz.1.286 uses obsolete (PF_INET,SOCK_PACKET) [ 49.687549][ T18] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 49.717539][ T5] usb 3-1: Using ep0 maxpacket: 8 [ 49.788067][ T23] audit: type=1326 audit(1719983480.360:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1268 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09dc93bb99 code=0x7fc00000 [ 49.811273][ T23] audit: type=1326 audit(1719983480.360:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1268 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09dc93bb99 code=0x7fc00000 [ 49.834891][ T23] audit: type=1326 audit(1719983480.400:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1268 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09dc93bb99 code=0x7fc00000 [ 49.858072][ T5] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 49.873144][ T5] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 49.883378][ T5] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 49.937541][ T653] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 49.959138][ T1273] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 49.968288][ T5] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 49.977110][ T5] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 49.993936][ T1273] EXT4-fs error (device loop1): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 49.997320][ T5] usb 3-1: SerialNumber: syz [ 50.008901][ T1273] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 50.025830][ T1273] EXT4-fs (loop1): This should not happen!! Data will be lost [ 50.025830][ T1273] [ 50.035423][ T1273] EXT4-fs (loop1): Total free blocks count 0 [ 50.037617][ T1245] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 50.041240][ T1273] EXT4-fs (loop1): Free/Dirty block details [ 50.053599][ T18] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 50.056198][ T1273] EXT4-fs (loop1): free_blocks=68451041280 [ 50.063547][ T18] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 50.070133][ T5] hub 3-1:1.0: bad descriptor, ignoring hub [ 50.081871][ T1273] EXT4-fs (loop1): dirty_blocks=16 [ 50.081877][ T1273] EXT4-fs (loop1): Block reservation details [ 50.081884][ T1273] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 50.082460][ T18] usb 4-1: New USB device found, idVendor=0582, idProduct=d728, bcdDevice=a0.a7 [ 50.089881][ T1280] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 50.092735][ T18] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.117365][ T5] hub: probe of 3-1:1.0 failed with error -5 [ 50.139417][ T18] usb 4-1: config 0 descriptor?? [ 50.207569][ T653] usb 1-1: Using ep0 maxpacket: 8 [ 50.332870][ T23] audit: type=1400 audit(1719983480.890:203): avc: denied { write } for pid=1285 comm="syz.1.290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.354426][ T23] audit: type=1400 audit(1719983480.890:204): avc: denied { read } for pid=1285 comm="syz.1.290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.477735][ T1245] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 50.495314][ T1289] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.292: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 50.497797][ T13] usb 4-1: USB disconnect, device number 4 [ 50.513261][ T1289] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.292: Bad quota inode: 4, type: 1 [ 50.529540][ T1289] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 50.544254][ T1289] EXT4-fs (loop4): mount failed [ 50.557582][ T653] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 50.567613][ T653] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 50.576426][ T653] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.585431][ T653] usb 1-1: config 0 descriptor?? [ 50.829194][ T13] usb 1-1: USB disconnect, device number 3 [ 50.959350][ T5] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 51.449350][ T23] audit: type=1326 audit(1719983482.020:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1319 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09dc93bb99 code=0x7fc00000 [ 51.473866][ T1150] usb 3-1: USB disconnect, device number 4 [ 51.490940][ T23] audit: type=1326 audit(1719983482.020:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1319 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09dc93bb99 code=0x7fc00000 [ 51.528541][ T23] audit: type=1400 audit(1719983482.050:207): avc: denied { create } for pid=1308 comm="syz.3.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.897545][ T124] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 52.009097][ T1340] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 52.024505][ T1340] EXT4-fs error (device loop2): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 52.039201][ T1340] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 52.051420][ T1340] EXT4-fs (loop2): This should not happen!! Data will be lost [ 52.051420][ T1340] [ 52.060940][ T1340] EXT4-fs (loop2): Total free blocks count 0 [ 52.066690][ T1340] EXT4-fs (loop2): Free/Dirty block details [ 52.072434][ T1340] EXT4-fs (loop2): free_blocks=68451041280 [ 52.078091][ T1340] EXT4-fs (loop2): dirty_blocks=16 [ 52.082977][ T1340] EXT4-fs (loop2): Block reservation details [ 52.088822][ T1340] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 52.267153][ T1350] kvm: pic: non byte read [ 52.268640][ T124] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 52.282337][ T1349] EXT4-fs error (device loop1): ext4_ext_check_inode:540: inode #4: comm syz.1.304: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 52.301805][ T124] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 52.311691][ T124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.321354][ T1349] EXT4-fs error (device loop1): ext4_quota_enable:6059: comm syz.1.304: Bad quota inode: 4, type: 1 [ 52.321501][ T1349] EXT4-fs warning (device loop1): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 52.321783][ T1349] EXT4-fs (loop1): mount failed [ 52.339916][ T124] usb 1-1: config 0 descriptor?? [ 52.372670][ T1357] input: syz0 as /devices/virtual/input/input5 [ 52.405428][ T124] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 52.420306][ T124] uvcvideo: No valid video chain found. [ 52.721177][ T13] usb 1-1: USB disconnect, device number 4 [ 52.867634][ T5] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 52.906197][ T1370] F2FS-fs (loop2): Wrong secs_per_zone / total_sections (67108865, 24) [ 52.915510][ T1370] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 52.925931][ T1370] F2FS-fs (loop2): invalid crc value [ 52.933087][ T1370] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.967684][ T1370] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 52.974548][ T1370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.990732][ T1372] attempt to access beyond end of device [ 52.990732][ T1372] loop2: rw=2049, want=45104, limit=40427 [ 53.107701][ T5] usb 2-1: Using ep0 maxpacket: 8 [ 53.227581][ T5] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 53.237867][ T5] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 53.246702][ T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.260666][ T5] usb 2-1: config 0 descriptor?? [ 53.517302][ T388] usb 2-1: USB disconnect, device number 2 [ 54.150916][ T1392] input: syz0 as /devices/virtual/input/input6 [ 54.293136][ T1396] EXT4-fs error (device loop0): ext4_ext_check_inode:540: inode #4: comm syz.0.319: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 54.311125][ T1396] EXT4-fs error (device loop0): ext4_quota_enable:6059: comm syz.0.319: Bad quota inode: 4, type: 1 [ 54.321949][ T1396] EXT4-fs warning (device loop0): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 54.336583][ T1396] EXT4-fs (loop0): mount failed [ 54.337516][ T388] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 54.464743][ T1400] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 54.479279][ T1400] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a802c09c, mo2=0000] [ 54.486926][ T1400] System zones: 0-2, 18-18, 34-34 [ 54.493120][ T1400] EXT4-fs (loop0): 1 orphan inode deleted [ 54.498737][ T1400] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,lazytime,nolazytime,noquota,jqfmt=vfsold,minixdf,init_itable=0x0000000000000002,grpid,debug,,errors=continue [ 54.518549][ T1400] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038 (0x7fffffff) [ 54.618673][ T1406] EXT4-fs (loop0): EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 54.698988][ T1406] print_req_error: 18 callbacks suppressed [ 54.698999][ T1406] blk_update_request: I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 54.715374][ T1406] EXT4-fs (loop0): unable to read superblock [ 54.717625][ T388] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 54.731086][ T388] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 54.739724][ T388] usb 2-1: config 1 has no interface number 0 [ 54.897617][ T388] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.4b [ 54.906572][ T388] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.915171][ T388] usb 2-1: Product: syz [ 54.919209][ T388] usb 2-1: Manufacturer: syz [ 54.923607][ T1409] F2FS-fs (loop0): Wrong secs_per_zone / total_sections (67108865, 24) [ 54.931791][ T388] usb 2-1: SerialNumber: syz [ 54.932340][ T1409] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 54.946505][ T1409] F2FS-fs (loop0): invalid crc value [ 54.953591][ T1409] F2FS-fs (loop0): Found nat_bits in checkpoint [ 54.968244][ T388] cdc_ether 2-1:1.1: skipping garbage [ 54.973730][ T388] cdc_ether 2-1:1.1: skipping garbage [ 54.979470][ T388] usb 2-1: bad CDC descriptors [ 54.992449][ T1409] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 54.999448][ T1409] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 55.018087][ T1411] attempt to access beyond end of device [ 55.018087][ T1411] loop0: rw=2049, want=45104, limit=40427 [ 55.172823][ T13] usb 2-1: USB disconnect, device number 3 [ 55.270452][ T23] kauditd_printk_skb: 38 callbacks suppressed [ 55.270463][ T23] audit: type=1400 audit(1719983485.840:246): avc: denied { getopt } for pid=1417 comm="syz.0.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 55.567579][ T388] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 55.740390][ T1150] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 55.851236][ T23] audit: type=1326 audit(1719983486.420:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 55.853193][ T1433] kvm: pic: non byte read [ 55.878743][ T388] usb 1-1: Using ep0 maxpacket: 8 [ 55.881977][ T23] audit: type=1326 audit(1719983486.420:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 55.997801][ T388] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 56.014955][ T388] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 56.025256][ T23] audit: type=1400 audit(1719983486.600:249): avc: denied { remove_name } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=861 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 56.059228][ T388] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.076344][ T23] audit: type=1400 audit(1719983486.600:250): avc: denied { rename } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=861 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.108179][ T388] usb 1-1: config 0 descriptor?? [ 56.133241][ T23] audit: type=1400 audit(1719983486.600:251): avc: denied { create } for pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.371082][ T388] usb 1-1: USB disconnect, device number 5 [ 56.388248][ T1440] F2FS-fs (loop4): Wrong secs_per_zone / total_sections (67108865, 24) [ 56.411891][ T1440] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 56.423882][ T1440] F2FS-fs (loop4): invalid crc value [ 56.430967][ T1440] F2FS-fs (loop4): Found nat_bits in checkpoint [ 56.437524][ T5] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 56.471232][ T1440] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 56.478286][ T1440] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 56.499360][ T1464] attempt to access beyond end of device [ 56.499360][ T1464] loop4: rw=2049, want=45104, limit=40427 [ 56.581770][ T23] audit: type=1326 audit(1719983487.150:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 56.613278][ T23] audit: type=1326 audit(1719983487.150:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 56.637603][ T23] audit: type=1326 audit(1719983487.150:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 56.661044][ T23] audit: type=1326 audit(1719983487.150:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1424 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43375db99 code=0x7fc00000 [ 56.737929][ T5] usb 2-1: Using ep0 maxpacket: 16 [ 56.967652][ T124] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 57.232897][ T5] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 57.242362][ T5] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.250750][ T5] usb 2-1: Product: syz [ 57.258055][ T5] usb 2-1: Manufacturer: syz [ 57.262473][ T5] usb 2-1: SerialNumber: syz [ 57.267914][ T5] usb 2-1: config 0 descriptor?? [ 57.347803][ T124] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 57.365158][ T124] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 57.383332][ T124] usb 3-1: config 1 has no interface number 0 [ 57.580841][ T1460] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 57.587623][ T124] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.4b [ 57.599037][ T1493] F2FS-fs (loop4): Wrong secs_per_zone / total_sections (67108865, 24) [ 57.608796][ T124] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.622163][ T124] usb 3-1: Product: syz [ 57.626456][ T124] usb 3-1: Manufacturer: syz [ 57.628092][ T1493] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 57.631397][ T124] usb 3-1: SerialNumber: syz [ 57.646591][ T1493] F2FS-fs (loop4): invalid crc value [ 57.665035][ T1460] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 57.667652][ T1493] F2FS-fs (loop4): Found nat_bits in checkpoint [ 57.687605][ T5] r8152 2-1:0.0: Unknown version 0x0000 [ 57.688236][ T124] cdc_ether 3-1:1.1: skipping garbage [ 57.699914][ T5] usb 2-1: USB disconnect, device number 4 [ 57.701902][ T124] cdc_ether 3-1:1.1: skipping garbage [ 57.722311][ T124] usb 3-1: bad CDC descriptors [ 57.762126][ T1493] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 57.769536][ T1493] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 57.812575][ T1501] attempt to access beyond end of device [ 57.812575][ T1501] loop4: rw=2049, want=45104, limit=40427 [ 58.090279][ T5] usb 3-1: USB disconnect, device number 5 [ 58.221275][ T351] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1) [ 58.235581][ T351] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 58.350650][ T351] syz-executor (351) used greatest stack depth: 20568 bytes left [ 58.799572][ T1528] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.944005][ T1528] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.111852][ T1528] device bridge_slave_0 entered promiscuous mode [ 59.182672][ T1528] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.205711][ T1528] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.215905][ T1528] device bridge_slave_1 entered promiscuous mode [ 59.327141][ T1554] Module has invalid ELF structures [ 59.435905][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.443589][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.466271][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.475163][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.487658][ T388] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.494913][ T388] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.502835][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.527980][ T179] device bridge_slave_1 left promiscuous mode [ 59.534033][ T179] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.541577][ T179] device bridge_slave_0 left promiscuous mode [ 59.549526][ T13] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 59.557216][ T179] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.743602][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.752276][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.760670][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.767717][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.785428][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.793186][ T1150] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 59.797512][ T13] usb 3-1: Using ep0 maxpacket: 16 [ 59.800887][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.828736][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.837317][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.866635][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.875108][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.887374][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.895857][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.913710][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.922094][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.947854][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.956079][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.965609][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.973739][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.981794][ T388] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 60.077656][ T13] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 60.087045][ T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.094996][ T13] usb 3-1: Product: syz [ 60.098986][ T13] usb 3-1: Manufacturer: syz [ 60.103400][ T13] usb 3-1: SerialNumber: syz [ 60.108977][ T13] usb 3-1: config 0 descriptor?? [ 60.177746][ T1150] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 60.215924][ T1150] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 60.249357][ T388] usb 4-1: Using ep0 maxpacket: 8 [ 60.282390][ T1150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.332839][ T1150] usb 1-1: config 0 descriptor?? [ 60.377893][ T388] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 60.390114][ T1150] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 60.396858][ T1150] uvcvideo: No valid video chain found. [ 60.402604][ T388] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 60.413275][ T388] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 60.484649][ T1551] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 60.497623][ T388] usb 4-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 60.506506][ T388] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 60.514974][ T388] usb 4-1: SerialNumber: syz [ 60.537962][ T1581] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 60.561422][ T388] hub 4-1:1.0: bad descriptor, ignoring hub [ 60.567826][ T388] hub: probe of 4-1:1.0 failed with error -5 [ 60.598677][ T1621] bridge0: port 3(gretap0) entered blocking state [ 60.604935][ T1621] bridge0: port 3(gretap0) entered disabled state [ 60.614691][ T1621] device gretap0 entered promiscuous mode [ 60.620817][ T1621] bridge0: port 3(gretap0) entered blocking state [ 60.627031][ T1621] bridge0: port 3(gretap0) entered forwarding state [ 60.662090][ T1621] device gretap0 left promiscuous mode [ 60.667954][ T1621] bridge0: port 3(gretap0) entered disabled state [ 60.784174][ T1579] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 60.810719][ T5] usb 1-1: USB disconnect, device number 6 [ 60.837565][ T13] r8152 3-1:0.0: Unknown version 0x0000 [ 60.844184][ T13] usb 3-1: USB disconnect, device number 6 [ 61.245237][ T1627] F2FS-fs (loop4): Wrong secs_per_zone / total_sections (67108865, 24) [ 61.253422][ T1627] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 61.264335][ T1627] F2FS-fs (loop4): invalid crc value [ 61.271344][ T1627] F2FS-fs (loop4): Found nat_bits in checkpoint [ 61.300170][ T388] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 61.307880][ T1627] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 61.328980][ T1627] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 61.403039][ T354] EXT4-fs error (device loop2): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1) [ 61.417571][ T1629] attempt to access beyond end of device [ 61.417571][ T1629] loop4: rw=2049, want=45104, limit=40427 [ 61.452844][ T354] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 61.783359][ T23] kauditd_printk_skb: 71 callbacks suppressed [ 61.783411][ T23] audit: type=1400 audit(1719983492.200:327): avc: denied { mount } for pid=1642 comm="syz.1.396" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 61.812558][ T23] audit: type=1400 audit(1719983492.210:328): avc: denied { read } for pid=1642 comm="syz.1.396" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 61.834538][ T23] audit: type=1400 audit(1719983492.210:329): avc: denied { open } for pid=1642 comm="syz.1.396" path="/7/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 61.856615][ T23] audit: type=1400 audit(1719983492.220:330): avc: denied { remount } for pid=1642 comm="syz.1.396" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 61.888721][ T23] audit: type=1400 audit(1719983492.460:331): avc: denied { read } for pid=1660 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=10393 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.912561][ T23] audit: type=1400 audit(1719983492.480:332): avc: denied { open } for pid=1660 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=10393 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.938665][ T23] audit: type=1400 audit(1719983492.480:333): avc: denied { getattr } for pid=1660 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=10393 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.997641][ T388] usb 4-1: USB disconnect, device number 5 [ 62.000985][ T23] audit: type=1400 audit(1719983492.530:334): avc: denied { create } for pid=1644 comm="dhcpcd-run-hook" name="resolv.conf.usb0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 62.003609][ T388] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device [ 62.053439][ T23] audit: type=1400 audit(1719983492.530:335): avc: denied { write } for pid=1644 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.usb0.link" dev="tmpfs" ino=21658 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 62.100287][ T23] audit: type=1400 audit(1719983492.530:336): avc: denied { append } for pid=1644 comm="dhcpcd-run-hook" name="resolv.conf.usb0.link" dev="tmpfs" ino=21658 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 62.210190][ T1658] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 62.231486][ T1658] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 62.231572][ T1666] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.252184][ T1658] F2FS-fs (loop0): invalid crc value [ 62.257599][ T1666] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.265014][ T1666] device bridge_slave_0 entered promiscuous mode [ 62.288984][ T1666] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.295825][ T1666] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.318423][ T1666] device bridge_slave_1 entered promiscuous mode [ 62.347998][ T1658] F2FS-fs (loop0): Found nat_bits in checkpoint [ 62.469769][ T1692] bridge0: port 3(gretap0) entered blocking state [ 62.476049][ T1692] bridge0: port 3(gretap0) entered disabled state [ 62.484805][ T1692] device gretap0 entered promiscuous mode [ 62.490954][ T1692] bridge0: port 3(gretap0) entered blocking state [ 62.497177][ T1692] bridge0: port 3(gretap0) entered forwarding state [ 62.521522][ T1692] device gretap0 left promiscuous mode [ 62.527202][ T1692] bridge0: port 3(gretap0) entered disabled state [ 62.717718][ T1658] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 62.737502][ T1658] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 62.785496][ T1658] attempt to access beyond end of device [ 62.785496][ T1658] loop0: rw=10241, want=45104, limit=40427 [ 62.807229][ T1658] attempt to access beyond end of device [ 62.807229][ T1658] loop0: rw=2049, want=45112, limit=40427 [ 62.824857][ T353] attempt to access beyond end of device [ 62.824857][ T353] loop0: rw=2049, want=40968, limit=40427 [ 62.892273][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.901734][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.915520][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.924223][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.932591][ T124] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.939466][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.954520][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.962283][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.978326][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.994934][ T124] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.001795][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.027891][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.036133][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.043984][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.054098][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.057650][ T5] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 63.073422][ T1699] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 63.087044][ T1699] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 63.098536][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.110532][ T1699] F2FS-fs (loop3): invalid crc value [ 63.117090][ T1150] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.126514][ T1150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.138709][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.147323][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.156669][ T1699] F2FS-fs (loop3): Found nat_bits in checkpoint [ 63.165330][ T179] device bridge_slave_1 left promiscuous mode [ 63.173959][ T179] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.193721][ T179] device bridge_slave_0 left promiscuous mode [ 63.207605][ T179] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.245630][ T1699] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 63.252710][ T1699] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 63.431740][ T1715] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 63.444836][ T1715] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff) [ 63.447616][ T5] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 63.468888][ T1715] EXT4-fs error (device loop1) in ext4_do_update_inode:5534: error 27 [ 63.484126][ T5] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 63.489432][ T1715] EXT4-fs error (device loop1) in ext4_do_update_inode:5534: error 27 [ 63.501370][ T388] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 63.501448][ T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.525721][ T5] usb 5-1: config 0 descriptor?? [ 63.568213][ T5] uvcvideo: Found UVC 0.00 device (046d:08c1) [ 63.578275][ T5] uvcvideo: No valid video chain found. [ 63.680426][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request. Check SNMP counters. [ 63.918931][ T13] usb 5-1: USB disconnect, device number 6 [ 63.977514][ T388] usb 1-1: Using ep0 maxpacket: 16 [ 64.076785][ T1743] bridge0: port 3(gretap0) entered blocking state [ 64.083161][ T1743] bridge0: port 3(gretap0) entered disabled state [ 64.092608][ T1743] device gretap0 entered promiscuous mode [ 64.098688][ T1743] bridge0: port 3(gretap0) entered blocking state [ 64.104901][ T1743] bridge0: port 3(gretap0) entered forwarding state [ 64.135718][ T1743] device gretap0 left promiscuous mode [ 64.141519][ T1743] bridge0: port 3(gretap0) entered disabled state [ 64.367575][ T388] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 64.376488][ T388] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.384271][ T388] usb 1-1: Product: syz [ 64.388266][ T388] usb 1-1: Manufacturer: syz [ 64.392649][ T388] usb 1-1: SerialNumber: syz [ 64.397980][ T388] usb 1-1: config 0 descriptor?? [ 64.522615][ T1749] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 64.865161][ T1710] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 64.900849][ T1752] EXT4-fs error (device loop1): ext4_orphan_get:1260: comm syz.1.421: bad orphan inode 8192 [ 64.912511][ T1760] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 64.923888][ T1760] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038 (0x7fffffff) [ 64.927781][ T1752] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 64.969754][ T1760] process 'syz.3.422' launched '/dev/fd/4' with NULL argv: empty string added [ 64.979958][ T1772] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 65.017563][ T388] r8152 1-1:0.0: Unknown version 0x0000 [ 65.023911][ T388] usb 1-1: USB disconnect, device number 7 [ 65.372868][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request. Check SNMP counters. [ 65.427041][ T1789] mip6: mip6_destopt_init_state: state's mode is not 2: 0 [ 65.593098][ T1796] bridge0: port 3(gretap0) entered blocking state [ 65.599542][ T1796] bridge0: port 3(gretap0) entered disabled state [ 65.608897][ T1796] device gretap0 entered promiscuous mode [ 65.614868][ T1796] bridge0: port 3(gretap0) entered blocking state [ 65.621123][ T1796] bridge0: port 3(gretap0) entered forwarding state [ 65.649808][ T1796] device gretap0 left promiscuous mode [ 65.655716][ T1796] bridge0: port 3(gretap0) entered disabled state [ 65.757940][ T1781] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 65.765841][ T1781] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 65.795619][ T1781] F2FS-fs (loop1): invalid crc value [ 65.821605][ T1781] F2FS-fs (loop1): Found nat_bits in checkpoint [ 65.857545][ T1781] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 65.864425][ T1781] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 65.895141][ T1781] attempt to access beyond end of device [ 65.895141][ T1781] loop1: rw=10241, want=45104, limit=40427 [ 65.906897][ T1781] attempt to access beyond end of device [ 65.906897][ T1781] loop1: rw=2049, want=45112, limit=40427 [ 65.927136][ T353] EXT4-fs error (device loop0): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1) [ 65.944728][ T353] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 65.955512][ T1528] attempt to access beyond end of device [ 65.955512][ T1528] loop1: rw=2049, want=40968, limit=40427 [ 65.989113][ T1805] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 65.998010][ T1805] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038 (0x7fffffff) [ 66.119417][ T1810] EXT4-fs error (device loop4): ext4_orphan_get:1260: comm syz.4.438: bad orphan inode 8192 [ 66.133757][ T1810] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 66.201687][ T1815] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.209244][ T1815] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.216528][ T1815] device bridge_slave_0 entered promiscuous mode [ 66.225623][ T1815] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.232620][ T1815] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.240180][ T1815] device bridge_slave_1 entered promiscuous mode [ 66.284332][ T1822] mip6: mip6_destopt_init_state: state's mode is not 2: 0 [ 66.348782][ T106] cfg80211: failed to load regulatory.db [ 66.554364][ T1829] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 66.599016][ T1829] xt_CT: You must specify a L4 protocol and not use inversions on it [ 66.637325][ T1815] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.644197][ T1815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.651364][ T1815] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.658325][ T1815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.887742][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.898833][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.906448][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.955385][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.963421][ T378] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.970270][ T378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.977720][ T653] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 66.985494][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 66.993980][ T378] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.000818][ T378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.015957][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.023969][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.037066][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.045339][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.063904][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.072315][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.083817][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.092085][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.101792][ T1846] EXT4-fs error (device loop3): ext4_orphan_get:1260: comm syz.3.450: bad orphan inode 8192 [ 67.112396][ T1846] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 67.148324][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.149105][ T1851] mip6: mip6_destopt_init_state: state's mode is not 2: 0 [ 67.156495][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.173083][ T179] device bridge_slave_1 left promiscuous mode [ 67.179262][ T179] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.186654][ T179] device bridge_slave_0 left promiscuous mode [ 67.192873][ T179] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.230436][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request. Check SNMP counters. [ 67.244362][ T653] usb 2-1: Using ep0 maxpacket: 8 [ 67.450666][ T1858] bridge0: port 3(gretap0) entered blocking state [ 67.456923][ T1858] bridge0: port 3(gretap0) entered disabled state [ 67.463844][ T1858] device gretap0 entered promiscuous mode [ 67.469847][ T1858] bridge0: port 3(gretap0) entered blocking state [ 67.476067][ T1858] bridge0: port 3(gretap0) entered forwarding state [ 67.526854][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.535704][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.544347][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.552319][ T653] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 67.564003][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.572765][ T653] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 67.830160][ T653] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 67.917966][ T653] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 67.928642][ T1881] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 67.940365][ T653] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 67.949123][ T653] usb 2-1: SerialNumber: syz [ 67.955036][ T1881] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 67.967718][ T1840] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 67.988097][ T653] hub 2-1:1.0: bad descriptor, ignoring hub [ 67.993942][ T653] hub: probe of 2-1:1.0 failed with error -5 [ 68.199292][ T1840] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 68.700102][ T653] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 68.728212][ T1898] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 68.736177][ T1898] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 68.773305][ T1898] F2FS-fs (loop0): invalid crc value [ 69.017558][ T1898] F2FS-fs (loop0): Found nat_bits in checkpoint [ 69.075312][ T1898] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 69.082277][ T1898] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 69.130428][ T1898] attempt to access beyond end of device [ 69.130428][ T1898] loop0: rw=10241, want=45104, limit=40427 [ 69.142221][ T376] usb 2-1: USB disconnect, device number 5 [ 69.143060][ T1898] attempt to access beyond end of device [ 69.143060][ T1898] loop0: rw=2049, want=45112, limit=40427 [ 69.148202][ T376] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device [ 69.170238][ T1815] attempt to access beyond end of device [ 69.170238][ T1815] loop0: rw=2049, want=40968, limit=40427 [ 69.518459][ T1927] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 69.531823][ T1927] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 69.592568][ T1941] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 69.601399][ T1941] ext4 filesystem being mounted at /20/bus supports timestamps until 2038 (0x7fffffff) [ 69.863197][ T23] kauditd_printk_skb: 18 callbacks suppressed [ 69.863236][ T23] audit: type=1400 audit(1719983500.410:355): avc: denied { setattr } for pid=1940 comm="syz.2.477" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 70.130542][ T23] audit: type=1400 audit(1719983500.430:356): avc: denied { remove_name } for pid=1940 comm="syz.2.477" name="file0" dev="loop2" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 70.195795][ T23] audit: type=1400 audit(1719983500.730:357): avc: denied { getopt } for pid=1981 comm="syz.4.484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 70.649443][ T1997] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 70.663858][ T1997] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 70.680383][ T2003] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 70.694937][ T2003] overlayfs: conflicting lowerdir path [ 71.107593][ T653] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 71.139016][ T2013] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 71.152406][ T23] audit: type=1400 audit(1719983501.720:358): avc: denied { ioctl } for pid=2010 comm="syz.1.495" path="/23/file0/file0/file0" dev="loop1" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 71.166461][ T2013] fs-verity: sha256 using implementation "sha256-avx2" [ 71.193427][ T2029] fuse: Unknown parameter 'üí|g¶+Þ{W œdØ' [ 71.198255][ T2013] fs-verity (loop1, inode 13): Error -27 writing Merkle tree block 2160165643 [ 71.208382][ T2013] fs-verity (loop1, inode 13): Error -27 building Merkle tree [ 71.219063][ T23] audit: type=1400 audit(1719983501.790:359): avc: denied { remount } for pid=2028 comm="syz.0.500" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 71.245139][ T23] audit: type=1400 audit(1719983501.810:360): avc: denied { map } for pid=2031 comm="syz.4.501" path="socket:[24291]" dev="sockfs" ino=24291 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 71.268308][ T23] audit: type=1400 audit(1719983501.810:361): avc: denied { read } for pid=2031 comm="syz.4.501" path="socket:[24291]" dev="sockfs" ino=24291 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 71.297736][ T23] audit: type=1326 audit(1719983501.860:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.500" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a54948b99 code=0x0 [ 71.361795][ T96] Bluetooth: hci0: sending frame failed (-49) [ 71.377534][ T653] usb 3-1: Using ep0 maxpacket: 8 [ 71.497683][ T653] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 71.508942][ T653] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 71.519001][ T653] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 71.727861][ T653] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 71.765687][ T653] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 71.794855][ T23] audit: type=1400 audit(1719983502.360:363): avc: denied { setattr } for pid=2051 comm="syz.3.508" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 71.802929][ T653] usb 3-1: SerialNumber: syz [ 71.837620][ T2005] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 71.858297][ T653] hub 3-1:1.0: bad descriptor, ignoring hub [ 71.864059][ T653] hub: probe of 3-1:1.0 failed with error -5 [ 71.905467][ T23] audit: type=1400 audit(1719983502.470:364): avc: denied { set_context_mgr } for pid=2053 comm="syz.3.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 71.909023][ T2054] binder: transaction release 10 bad handle 1, ret = -22 [ 72.058828][ T2005] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 72.465978][ T2083] binder: transaction release 19 bad handle 1, ret = -22 [ 72.505461][ T2087] netlink: 20 bytes leftover after parsing attributes in process `syz.4.522'. [ 72.530998][ T2090] fuse: Unknown parameter 'üí|g¶+Þ{W œdØ' [ 72.819908][ T653] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 73.138030][ T372] usb 3-1: USB disconnect, device number 7 [ 73.157537][ T372] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 73.388373][ T653] Bluetooth: hci0: command 0x1003 tx timeout [ 73.395450][ T2041] Bluetooth: hci0: sending frame failed (-49) [ 73.817616][ T179] attempt to access beyond end of device [ 73.817616][ T179] loop0: rw=1, want=260, limit=256 [ 73.892850][ T2147] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 73.907845][ T2147] overlayfs: conflicting lowerdir path [ 73.974685][ T2154] binder: transaction release 28 bad handle 1, ret = -22 [ 74.003426][ T2160] netlink: 20 bytes leftover after parsing attributes in process `syz.0.533'. [ 74.106570][ T2143] F2FS-fs (loop4): Found nat_bits in checkpoint [ 74.161979][ T2143] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 74.291391][ T2183] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 74.305887][ T2183] overlayfs: conflicting lowerdir path [ 74.398180][ T2190] binder: transaction release 37 bad handle 1, ret = -22 [ 74.421069][ T2192] netlink: 20 bytes leftover after parsing attributes in process `syz.3.545'. [ 74.487633][ T376] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 74.541340][ T2196] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 74.551059][ T2196] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038 (0x7fffffff) [ 74.621249][ T2196] syz.3.547 (2196) used greatest stack depth: 20120 bytes left [ 74.658426][ T2209] usb usb7: usbfs: process 2209 (syz.3.550) did not claim interface 2 before use [ 74.736637][ T2213] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 74.750756][ T376] usb 3-1: Using ep0 maxpacket: 8 [ 74.766953][ T2213] overlayfs: conflicting lowerdir path [ 74.804435][ T2220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.555'. [ 75.048868][ T821] attempt to access beyond end of device [ 75.048868][ T821] loop0: rw=1, want=260, limit=256 [ 75.059978][ T2224] binder: transaction release 46 bad handle 1, ret = -22 [ 75.067591][ T376] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 75.078600][ T376] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 75.088552][ T376] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 75.112962][ T2228] netlink: 20 bytes leftover after parsing attributes in process `syz.0.557'. [ 75.153398][ T2235] usb usb7: usbfs: process 2235 (syz.0.561) did not claim interface 2 before use [ 75.177624][ T376] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 75.186534][ T376] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 75.194865][ T376] usb 3-1: SerialNumber: syz [ 75.227948][ T2180] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 75.248263][ T376] hub 3-1:1.0: bad descriptor, ignoring hub [ 75.254102][ T376] hub: probe of 3-1:1.0 failed with error -5 [ 75.286457][ T23] kauditd_printk_skb: 18 callbacks suppressed [ 75.286469][ T23] audit: type=1400 audit(1719983505.850:383): avc: denied { create } for pid=2243 comm="syz.0.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 75.333544][ T2248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.567'. [ 75.387513][ T388] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 75.416317][ T2253] netlink: 20 bytes leftover after parsing attributes in process `syz.0.569'. [ 75.434327][ T23] audit: type=1400 audit(1719983506.000:384): avc: denied { mount } for pid=2254 comm="syz.0.570" name="/" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 75.457599][ T2180] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 75.467577][ T5] Bluetooth: hci0: command 0x1001 tx timeout [ 75.472120][ T2259] usb usb7: usbfs: process 2259 (syz.0.572) did not claim interface 2 before use [ 75.473627][ T2041] Bluetooth: hci0: sending frame failed (-49) [ 75.627512][ T388] usb 5-1: Using ep0 maxpacket: 8 [ 75.758671][ T2276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.579'. [ 75.778127][ T388] usb 5-1: config 1 has an invalid descriptor of length 173, skipping remainder of the config [ 75.877603][ T388] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 75.886640][ T388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 75.894918][ T388] usb 5-1: SerialNumber: syz [ 75.942230][ T388] usb 5-1: bad CDC descriptors [ 75.969825][ T376] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 76.051648][ T2290] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 76.060760][ T2290] EXT4-fs (loop3): orphan cleanup on readonly fs [ 76.068764][ T2290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4710: comm syz.3.585: Invalid inode table block 0 in block_group 0 [ 76.081383][ T2290] EXT4-fs (loop3): Remounting filesystem read-only [ 76.087931][ T2290] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 76.097824][ T2290] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:455: comm syz.3.585: Invalid block bitmap block 0 in block_group 0 [ 76.111674][ T2290] Quota error (device loop3): write_blk: dquota write failed [ 76.119220][ T2290] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 76.129169][ T2290] EXT4-fs (loop3): 1 truncate cleaned up [ 76.134797][ T2290] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000000,stripe=0x0000000000000000,grpid,errors=remount-ro,noblock_validity,block_validity,minixdf,noauto_da_alloc, [ 76.140705][ T376] usb 5-1: USB disconnect, device number 7 [ 76.164025][ T2290] EXT4-fs error (device loop3): ext4_search_dir:1509: inode #2: block 16: comm syz.3.585: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 76.212008][ T2290] syz.3.585 (2290) used greatest stack depth: 19312 bytes left [ 76.271614][ T106] usb 3-1: USB disconnect, device number 8 [ 76.283191][ T106] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 76.436991][ T2330] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 76.447622][ T2330] ext4 filesystem being mounted at /97/bus supports timestamps until 2038 (0x7fffffff) [ 77.146814][ T2371] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.153724][ T2371] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.161338][ T2371] device bridge_slave_0 entered promiscuous mode [ 77.168644][ T2371] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.175537][ T2371] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.183808][ T2371] device bridge_slave_1 entered promiscuous mode [ 77.317924][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.326427][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.471138][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.481494][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.883813][ T23] audit: type=1400 audit(1719983508.370:385): avc: denied { lock } for pid=2381 comm="syz.0.602" path="socket:[26309]" dev="sockfs" ino=26309 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 77.904876][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.935418][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.944292][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.954123][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.962728][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.969582][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.977401][ T23] audit: type=1400 audit(1719983508.430:386): avc: denied { listen } for pid=2381 comm="syz.0.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 78.058267][ T376] Bluetooth: hci0: command 0x1009 tx timeout [ 78.074140][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 78.081794][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.090018][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.099815][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.108504][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.135250][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.150318][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.171188][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.218663][ T7] bridge0: port 3(gretap0) entered disabled state [ 78.250061][ T7] device gretap0 left promiscuous mode [ 78.259041][ T7] bridge0: port 3(gretap0) entered disabled state [ 78.267400][ T2388] capability: warning: `syz.3.603' uses deprecated v2 capabilities in a way that may be insecure [ 78.288517][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.298257][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.316761][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.378554][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.446997][ T2398] bridge0: port 3(erspan0) entered blocking state [ 78.454040][ T2398] bridge0: port 3(erspan0) entered disabled state [ 78.475830][ T2398] device erspan0 entered promiscuous mode [ 78.487681][ T2398] bridge0: port 3(erspan0) entered blocking state [ 78.493912][ T2398] bridge0: port 3(erspan0) entered forwarding state [ 78.538522][ T7] device bridge_slave_1 left promiscuous mode [ 78.544588][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.570279][ T7] device bridge_slave_0 left promiscuous mode [ 78.580401][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.601498][ T2412] EXT4-fs: Warning: mounting with data=journal disables delayed allocation and O_DIRECT support! [ 78.644271][ T2412] EXT4-fs (loop0): orphan cleanup on readonly fs [ 78.651668][ T2412] Quota error (device loop0): v2_read_file_info: Can't read info structure [ 78.660219][ T2412] EXT4-fs warning (device loop0): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 78.674557][ T2412] EXT4-fs (loop0): Cannot turn on quotas: error -5 [ 78.693854][ T2412] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.613: bg 0: block 64: padding at end of block bitmap is not set [ 78.722190][ T2412] EXT4-fs error (device loop0) in ext4_free_blocks:5019: Corrupt filesystem [ 78.731032][ T2412] EXT4-fs (loop0): 1 orphan inode deleted [ 78.736707][ T2412] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 78.766622][ T2410] netlink: 4 bytes leftover after parsing attributes in process `syz.4.612'. [ 78.775811][ T2414] netlink: 44378 bytes leftover after parsing attributes in process `syz.3.611'. [ 79.054029][ T2430] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 79.101364][ T2430] EXT4-fs error (device loop3): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 79.115927][ T2430] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 79.128241][ T2430] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.128241][ T2430] [ 79.138595][ T2430] EXT4-fs (loop3): Total free blocks count 0 [ 79.144383][ T2430] EXT4-fs (loop3): Free/Dirty block details [ 79.151951][ T2430] EXT4-fs (loop3): free_blocks=2415919104 [ 79.163261][ T2430] EXT4-fs (loop3): dirty_blocks=16 [ 79.168415][ T2430] EXT4-fs (loop3): Block reservation details [ 79.174231][ T2430] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 79.563336][ T2464] netlink: 44378 bytes leftover after parsing attributes in process `syz.0.632'. [ 79.688143][ T821] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 4 with error 28 [ 79.703198][ T821] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.703198][ T821] [ 79.834518][ T2476] EXT4-fs (loop2): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue [ 79.856422][ T2490] [ 79.859813][ T2490] ********************************************************** [ 79.874037][ T2490] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 79.882135][ T2490] ** ** [ 79.889524][ T2490] ** trace_printk() being used. Allocating extra memory. ** [ 79.897138][ T2490] ** ** [ 79.910469][ T2490] ** This means that this is a DEBUG kernel and it is ** [ 79.918083][ T2490] ** unsafe for production use. ** [ 79.927021][ T2490] ** ** [ 79.936037][ T2492] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 79.948375][ T2490] ** If you see this message and you are not debugging ** [ 79.962809][ T2492] EXT4-fs (loop3): error: journal path ./bus is not a block device [ 79.970807][ T2490] ** the kernel, report this immediately to your vendor! ** [ 79.972740][ T2499] netlink: 'syz.2.645': attribute type 8 has an invalid length. [ 79.991442][ T2490] ** ** [ 79.998763][ T2490] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 80.005938][ T2490] ********************************************************** [ 81.013646][ T2531] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue [ 81.200259][ T23] audit: type=1400 audit(1719983511.770:387): avc: denied { name_bind } for pid=2551 comm="syz.3.662" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 81.248909][ T2555] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 81.262700][ T2555] EXT4-fs (loop0): error: journal path ./bus is not a block device [ 81.509658][ T2563] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 81.518893][ T2563] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff) [ 81.650037][ T2564] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 81.652551][ T2571] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.669664][ T2571] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.677156][ T2571] device bridge_slave_0 entered promiscuous mode [ 81.684404][ T2571] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.692729][ T2571] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.703764][ T2571] device bridge_slave_1 entered promiscuous mode [ 81.728575][ T2572] EXT4-fs (loop2): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue [ 81.914942][ T2564] EXT4-fs error (device loop3): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 81.944838][ T2564] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 81.958821][ T2564] EXT4-fs (loop3): This should not happen!! Data will be lost [ 81.958821][ T2564] [ 81.993164][ T2564] EXT4-fs (loop3): Total free blocks count 0 [ 82.014180][ T2564] EXT4-fs (loop3): Free/Dirty block details [ 82.023348][ T2564] EXT4-fs (loop3): free_blocks=2415919104 [ 82.030297][ T2564] EXT4-fs (loop3): dirty_blocks=16 [ 82.035500][ T2564] EXT4-fs (loop3): Block reservation details [ 82.052810][ T2564] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 82.133768][ T2571] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.140641][ T2571] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.147797][ T2571] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.154636][ T2571] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.473029][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.480647][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.493183][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.504548][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.522552][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 82.532288][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.536441][ T2594] kvm: emulating exchange as write [ 82.539191][ T372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.552365][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.565120][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.571973][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.591080][ T179] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 4 with error 28 [ 82.603305][ T179] EXT4-fs (loop3): This should not happen!! Data will be lost [ 82.603305][ T179] [ 82.636423][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 82.653536][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 82.662012][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 82.689946][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 82.698337][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 82.789608][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 82.798339][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 82.820251][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 82.830673][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 82.839453][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 82.848337][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 82.862251][ T2615] EXT4-fs (loop0): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue [ 82.989810][ T2627] syz.2.682[2627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.990783][ T2627] syz.2.682[2627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 83.154053][ T2624] EXT4-fs (loop3): orphan cleanup on readonly fs [ 83.173730][ T2624] Quota error (device loop3): v2_read_file_info: Can't read info structure [ 83.173937][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.182645][ T2624] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 83.190864][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.206242][ T2624] EXT4-fs (loop3): Cannot turn on quotas: error -5 [ 83.219561][ T2624] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz.3.684: bg 0: block 64: padding at end of block bitmap is not set [ 83.219657][ T2630] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 83.233922][ T2624] EXT4-fs error (device loop3) in ext4_free_blocks:5019: Corrupt filesystem [ 83.249974][ T2624] EXT4-fs (loop3): 1 orphan inode deleted [ 83.255560][ T2624] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 83.264666][ T2630] EXT4-fs (loop4): error: journal path ./bus is not a block device [ 83.398208][ T821] device bridge_slave_1 left promiscuous mode [ 83.409265][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.436677][ T821] device bridge_slave_0 left promiscuous mode [ 83.442878][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.969809][ T2662] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue [ 84.146198][ T106] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 84.209046][ T23] audit: type=1400 audit(1719983514.780:388): avc: denied { map } for pid=2692 comm="syz.0.707" path="socket:[29255]" dev="sockfs" ino=29255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 84.271224][ T2695] syz.4.702[2695] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.271519][ T2695] syz.4.702[2695] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.358658][ T2689] device sit0 entered promiscuous mode [ 84.435236][ T23] audit: type=1400 audit(1719983514.780:389): avc: denied { read } for pid=2692 comm="syz.0.707" path="socket:[29255]" dev="sockfs" ino=29255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 84.460087][ T106] usb 2-1: Using ep0 maxpacket: 8 [ 84.509265][ T23] audit: type=1400 audit(1719983515.050:390): avc: denied { write } for pid=2698 comm="syz.3.710" name="001" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 84.537009][ T2705] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 84.542438][ T2703] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 84.551745][ T2703] EXT4-fs (loop2): error: journal path ./bus is not a block device [ 84.607593][ T106] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 84.615815][ T106] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 84.624390][ T106] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 84.633619][ T106] usb 2-1: config 250 has no interface number 0 [ 84.651265][ T106] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 84.672134][ T106] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 84.682481][ T106] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26 [ 84.692714][ T106] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 84.799768][ T106] usb 2-1: config 250 interface 228 has no altsetting 0 [ 85.707493][ T5] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 85.791983][ T23] audit: type=1400 audit(1719983516.360:391): avc: denied { ioctl } for pid=2732 comm="syz.2.722" path="socket:[29406]" dev="sockfs" ino=29406 ioctlcmd=0x8930 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 85.840672][ T106] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 85.849589][ T106] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 85.857864][ T2736] device sit0 left promiscuous mode [ 85.859673][ T106] usb 2-1: Product: syz [ 85.877720][ T106] usb 2-1: SerialNumber: syz [ 85.885244][ T23] audit: type=1400 audit(1719983516.450:392): avc: denied { create } for pid=2737 comm="syz.3.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 85.908174][ T23] audit: type=1400 audit(1719983516.470:393): avc: denied { setopt } for pid=2737 comm="syz.3.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 85.938300][ T106] hub 2-1:250.228: bad descriptor, ignoring hub [ 85.944395][ T106] hub: probe of 2-1:250.228 failed with error -5 [ 85.950897][ T23] audit: type=1400 audit(1719983516.470:394): avc: denied { write } for pid=2737 comm="syz.3.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 85.957575][ T5] usb 1-1: Using ep0 maxpacket: 8 [ 85.987072][ T2736] device sit0 entered promiscuous mode [ 86.097631][ T5] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 86.117558][ T5] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 86.127360][ T5] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 86.169334][ T106] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 86.394713][ T23] audit: type=1400 audit(1719983516.960:395): avc: denied { read write } for pid=2637 comm="syz.1.687" name="lp0" dev="devtmpfs" ino=29800 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 86.418253][ T5] usb 1-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 86.427173][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 86.436043][ T5] usb 1-1: SerialNumber: syz [ 86.456569][ T23] audit: type=1400 audit(1719983516.960:396): avc: denied { open } for pid=2637 comm="syz.1.687" path="/dev/usb/lp0" dev="devtmpfs" ino=29800 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 86.487935][ T2753] syz.4.727[2753] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.488228][ T2753] syz.4.727[2753] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.550561][ T376] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 86.707606][ T2712] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 86.728141][ T5] hub 1-1:1.0: bad descriptor, ignoring hub [ 86.734974][ T5] hub: probe of 1-1:1.0 failed with error -5 [ 86.907551][ T376] usb 4-1: Using ep0 maxpacket: 32 [ 86.950407][ T2712] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 87.027587][ T376] usb 4-1: config 0 has an invalid interface number: 60 but max is 1 [ 87.044980][ T376] usb 4-1: config 0 has no interface number 1 [ 87.045719][ T2756] EXT4-fs (loop2): Test dummy encryption mode enabled [ 87.075393][ T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 87.086279][ T376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 87.095975][ T376] usb 4-1: config 0 interface 60 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 87.137730][ T2756] EXT4-fs error (device loop2): ext4_ext_check_inode:540: inode #15: comm syz.2.728: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 87.166080][ T2756] EXT4-fs (loop2): Remounting filesystem read-only [ 87.176027][ T2756] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz.2.728: couldn't read orphan inode 15 (err -117) [ 87.197692][ T2756] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,test_dummy_encryption,nombcache,jqfmt=vfsv0,lazytime,errors=remount-ro,auto_da_alloc, [ 87.213513][ T2756] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038 (0x7fffffff) [ 87.237563][ T2638] usb 2-1: reset high-speed USB device number 6 using dummy_hcd [ 87.270180][ T2756] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)" [ 87.308932][ T2756] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 87.347784][ T376] usb 4-1: string descriptor 0 read error: -22 [ 87.353837][ T376] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=43.2a [ 87.372769][ T376] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.390808][ T376] usb 4-1: config 0 descriptor?? [ 87.452710][ T23] audit: type=1400 audit(1719983518.020:397): avc: denied { create } for pid=2711 comm="syz.0.715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 87.461463][ T5] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 87.493186][ T23] audit: type=1400 audit(1719983518.020:398): avc: denied { write } for pid=2711 comm="syz.0.715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 87.514973][ T2638] usb 2-1: Using ep0 maxpacket: 8 [ 87.545283][ T23] audit: type=1400 audit(1719983518.020:399): avc: denied { nlmsg_write } for pid=2711 comm="syz.0.715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 87.642169][ T5] usb 4-1: USB disconnect, device number 6 [ 87.687916][ T372] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 87.907660][ T388] usb 1-1: USB disconnect, device number 8 [ 87.937526][ T372] usb 3-1: Using ep0 maxpacket: 8 [ 88.067652][ T372] usb 3-1: config 1 has an invalid descriptor of length 173, skipping remainder of the config [ 88.098321][ T2783] F2FS-fs (loop4): Invalid segment/section count (31, 24 x 0) [ 88.105902][ T2783] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 88.114376][ T2783] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x2010) [ 88.122519][ T2783] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 88.167597][ T372] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 88.176428][ T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 88.184286][ T372] usb 3-1: SerialNumber: syz [ 88.228229][ T372] usb 3-1: bad CDC descriptors [ 88.266713][ T2798] cgroup: syz.3.735 (2798) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future. [ 88.283084][ T2798] cgroup: "memory" requires setting use_hierarchy to 1 on the root [ 88.333971][ T23] audit: type=1400 audit(1719983518.900:400): avc: denied { execmem } for pid=2805 comm="syz.4.739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 88.430262][ T5] usb 3-1: USB disconnect, device number 9 [ 88.514759][ T2813] syz.4.739 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 89.315066][ T23] audit: type=1400 audit(1719983519.880:401): avc: denied { unmount } for pid=2371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 89.383416][ T2830] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 0) [ 89.391797][ T2830] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 89.400185][ T2830] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x2010) [ 89.408617][ T2830] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 89.422797][ T2839] EXT4-fs (loop4): Test dummy encryption mode enabled [ 89.433302][ T2839] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #15: comm syz.4.752: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 89.451148][ T2839] EXT4-fs (loop4): Remounting filesystem read-only [ 89.457584][ T2839] EXT4-fs error (device loop4): ext4_orphan_get:1240: comm syz.4.752: couldn't read orphan inode 15 (err -117) [ 89.470396][ T2839] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,test_dummy_encryption,nombcache,jqfmt=vfsv0,lazytime,errors=remount-ro,auto_da_alloc, [ 89.492613][ T2839] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038 (0x7fffffff) [ 89.757597][ T376] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 89.997495][ T376] usb 3-1: Using ep0 maxpacket: 8 [ 90.117573][ T376] usb 3-1: config 1 has an invalid descriptor of length 173, skipping remainder of the config [ 90.207599][ T376] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 90.216457][ T376] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 90.224376][ T376] usb 3-1: SerialNumber: syz [ 90.268237][ T376] usb 3-1: bad CDC descriptors [ 90.474064][ T376] usb 3-1: USB disconnect, device number 10 [ 91.004391][ T23] audit: type=1400 audit(1719983521.570:402): avc: denied { ioctl } for pid=2849 comm="syz.2.754" path="socket:[30098]" dev="sockfs" ino=30098 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 92.169571][ T388] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 92.218332][ T23] audit: type=1400 audit(1719983522.790:403): avc: denied { bind } for pid=2875 comm="syz.0.764" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 92.249460][ T23] audit: type=1400 audit(1719983522.790:404): avc: denied { node_bind } for pid=2875 comm="syz.0.764" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 92.407781][ T2886] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 92.735548][ T2941] kvm [2940]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010005 data 0x0 [ 92.757561][ T2638] usb 2-1: failed to restore interface 228 altsetting 255 (error=-110) [ 92.766297][ T106] usb 2-1: USB disconnect, device number 6 [ 92.777289][ T106] usblp0: removed [ 92.942042][ T2951] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 93.397665][ T23] audit: type=1400 audit(1719983523.860:405): avc: denied { bind } for pid=2979 comm="syz.1.807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 93.428543][ T23] audit: type=1400 audit(1719983523.870:406): avc: denied { create } for pid=2979 comm="syz.1.807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 93.599706][ T3003] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 93.610482][ T2992] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 93.633849][ T23] audit: type=1400 audit(1719983524.200:407): avc: denied { read } for pid=2984 comm="syz.2.809" name="msr" dev="devtmpfs" ino=9188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 93.962120][ T2992] Zero length message leads to an empty skb [ 93.975442][ T23] audit: type=1400 audit(1719983524.200:408): avc: denied { open } for pid=2984 comm="syz.2.809" path="/dev/cpu/0/msr" dev="devtmpfs" ino=9188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 94.114973][ T3014] EXT4-fs (loop0): orphan cleanup on readonly fs [ 94.121315][ T3014] EXT4-fs error (device loop0): ext4_orphan_get:1260: comm syz.0.819: bad orphan inode 256 [ 94.131780][ T3014] EXT4-fs (loop0): mounted filesystem without journal. Opts: resuid=0x0000000000000000,,errors=continue [ 94.275061][ T3028] overlayfs: failed to resolve '/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 94.486890][ T3034] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 94.582318][ T3034] EXT4-fs (loop1): error: journal path ./bus is not a block device [ 94.593941][ T23] audit: type=1400 audit(1719983525.160:409): avc: denied { connect } for pid=3048 comm="syz.0.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 94.665106][ T23] audit: type=1400 audit(1719983525.230:410): avc: denied { wake_alarm } for pid=3056 comm="syz.4.837" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 94.721980][ T3043] EXT4-fs (loop2): 1 orphan inode deleted [ 94.727635][ T3043] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota, [ 94.746453][ T3043] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038 (0x7fffffff) [ 95.131029][ T3068] overlayfs: failed to resolve '/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 95.144231][ T3043] EXT4-fs error (device loop2): ext4_free_blocks:4799: comm syz.2.831: Freeing blocks not in datazone - block = 20, count = 1 [ 95.215367][ T3072] kernel profiling enabled (shift: 7) [ 95.244611][ T3043] EXT4-fs (loop2): Remounting filesystem read-only [ 95.264443][ T3043] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 95.280364][ T3043] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 95.338532][ T1666] EXT4-fs error (device loop2): ext4_map_blocks:617: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 95.422231][ T372] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 95.788975][ T3088] EXT4-fs (loop4): orphan cleanup on readonly fs [ 95.795142][ T3088] EXT4-fs error (device loop4): ext4_orphan_get:1260: comm syz.4.842: bad orphan inode 256 [ 95.805810][ T3088] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,,errors=continue [ 95.847582][ T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.857484][ C0] ================================================================== [ 95.866156][ C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0 [ 95.873082][ C0] Read of size 8 at addr ffff8881ec9a7720 by task udevd/162 [ 95.880826][ C0] [ 95.882998][ C0] CPU: 0 PID: 162 Comm: udevd Not tainted 5.4.276-syzkaller-00021-g58de09405d1e #0 [ 95.892111][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 95.901997][ C0] Call Trace: [ 95.905125][ C0] [ 95.907822][ C0] dump_stack+0x1d8/0x241 [ 95.911998][ C0] ? debug_smp_processor_id+0x20/0x20 [ 95.917189][ C0] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 95.922836][ C0] ? printk+0xd1/0x111 [ 95.926738][ C0] ? profile_pc+0xa4/0xe0 [ 95.930904][ C0] ? wake_up_klogd+0xb2/0xf0 [ 95.935331][ C0] ? profile_pc+0xa4/0xe0 [ 95.939502][ C0] print_address_description+0x8c/0x600 [ 95.944878][ C0] ? panic+0x89d/0x89d [ 95.948786][ C0] ? profile_pc+0xa4/0xe0 [ 95.952950][ C0] __kasan_report+0xf3/0x120 [ 95.957377][ C0] ? profile_pc+0xa4/0xe0 [ 95.961545][ C0] ? _raw_spin_lock+0xc0/0x1b0 [ 95.966231][ C0] kasan_report+0x30/0x60 [ 95.970396][ C0] profile_pc+0xa4/0xe0 [ 95.974393][ C0] profile_tick+0xb9/0x100 [ 95.978641][ C0] tick_sched_timer+0x237/0x3c0 [ 95.983460][ C0] ? tick_setup_sched_timer+0x460/0x460 [ 95.988840][ C0] __hrtimer_run_queues+0x3e9/0xb90 [ 95.993874][ C0] ? hrtimer_interrupt+0x890/0x890 [ 95.998818][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 96.003855][ C0] ? sched_clock+0x36/0x40 [ 96.008106][ C0] ? ktime_get+0xf9/0x130 [ 96.012276][ C0] ? ktime_get_update_offsets_now+0x26c/0x280 [ 96.018178][ C0] hrtimer_interrupt+0x38a/0x890 [ 96.022954][ C0] smp_apic_timer_interrupt+0x110/0x460 [ 96.028332][ C0] apic_timer_interrupt+0xf/0x20 [ 96.033100][ C0] [ 96.035893][ C0] RIP: 0010:_raw_spin_lock+0xc0/0x1b0 [ 96.041180][ C0] Code: fd 4c 89 ff be 04 00 00 00 e8 2c dc 42 fd 43 0f b6 04 26 84 c0 0f 85 aa 00 00 00 8b 44 24 20 b9 01 00 00 00 f0 41 0f b1 4d 00 <75> 33 48 c7 04 24 0e 36 e0 45 49 c7 04 1c 00 00 00 00 65 48 8b 04 [ 96.060618][ C0] RSP: 0018:ffff8881ec9a7720 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 96.068966][ C0] RAX: 0000000000000000 RBX: 1ffff1103d934ee4 RCX: 0000000000000001 [ 96.076759][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881ec9a7740 [ 96.084570][ C0] RBP: ffff8881ec9a77a8 R08: dffffc0000000000 R09: 0000000000000003 [ 96.092564][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000 [ 96.100383][ C0] R13: ffff8881edf2cf38 R14: 1ffff1103d934ee8 R15: ffff8881ec9a7740 [ 96.108210][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 96.113390][ C0] ? follow_managed+0x20f/0x600 [ 96.118078][ C0] __d_lookup+0xe5/0x540 [ 96.122160][ C0] lookup_fast+0x119/0xa40 [ 96.126409][ C0] ? handle_dots+0xf10/0xf10 [ 96.130837][ C0] ? dput+0x50/0x80 [ 96.134482][ C0] walk_component+0x138/0x590 [ 96.138996][ C0] ? path_put_conditional+0x90/0x90 [ 96.144038][ C0] ? kernfs_refresh_inode+0x2b3/0x3d0 [ 96.149237][ C0] ? generic_permission+0x141/0x3e0 [ 96.154267][ C0] ? mutex_unlock+0x18/0x40 [ 96.158613][ C0] ? security_inode_permission+0xad/0xf0 [ 96.164080][ C0] link_path_walk+0x5c6/0x1040 [ 96.168683][ C0] ? memcpy+0x38/0x50 [ 96.172498][ C0] ? nd_jump_root+0x20f/0x2e0 [ 96.177007][ C0] ? handle_lookup_down+0x5b0/0x5b0 [ 96.182043][ C0] ? path_init+0x217/0xee0 [ 96.186309][ C0] path_lookupat+0x53/0x3f0 [ 96.190638][ C0] filename_lookup+0x253/0x6e0 [ 96.195236][ C0] ? hashlen_string+0x110/0x110 [ 96.199927][ C0] ? getname_flags+0x1ec/0x4e0 [ 96.204526][ C0] do_readlinkat+0x114/0x3a0 [ 96.208952][ C0] ? cp_old_stat+0x900/0x900 [ 96.213377][ C0] ? _raw_spin_unlock_irq+0x4a/0x60 [ 96.218422][ C0] __x64_sys_readlink+0x7b/0x90 [ 96.223099][ C0] do_syscall_64+0xca/0x1c0 [ 96.227436][ C0] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 96.233162][ C0] RIP: 0033:0x7fe2f3978d47 [ 96.237422][ C0] Code: 73 01 c3 48 8b 0d e1 90 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 59 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b1 90 0d 00 f7 d8 64 89 01 48 [ 96.256858][ C0] RSP: 002b:00007fffd002f9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000059 [ 96.265288][ C0] RAX: ffffffffffffffda RBX: 00007fffd002f9c8 RCX: 00007fe2f3978d47 [ 96.273103][ C0] RDX: 0000000000000400 RSI: 00007fffd002f9c8 RDI: 00007fffd002fea8 [ 96.280911][ C0] RBP: 0000000000000400 R08: 0000000000000000 R09: 0000000000000000 [ 96.288721][ C0] R10: 000000000000010f R11: 0000000000000246 R12: 00007fffd002fea8 [ 96.296532][ C0] R13: 00007fffd002fe18 R14: 000055af6588d2c0 R15: 0000000000000000 [ 96.304431][ C0] [ 96.306599][ C0] The buggy address belongs to the page: [ 96.312078][ C0] page:ffffea0007b269c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 [ 96.321010][ C0] flags: 0x8000000000000000() [ 96.325530][ C0] raw: 8000000000000000 ffffea0007b269c8 ffffea0007b269c8 0000000000000000 [ 96.333943][ C0] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 96.342356][ C0] page dumped because: kasan: bad access detected [ 96.348615][ C0] page_owner tracks the page as allocated [ 96.354164][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO) [ 96.365369][ C0] prep_new_page+0x18f/0x370 [ 96.369792][ C0] get_page_from_freelist+0x2d13/0x2d90 [ 96.375255][ C0] __alloc_pages_nodemask+0x393/0x840 [ 96.380464][ C0] dup_task_struct+0x85/0x600 [ 96.384978][ C0] copy_process+0x56d/0x3230 [ 96.389402][ C0] _do_fork+0x197/0x900 [ 96.393398][ C0] __x64_sys_clone+0x26b/0x2c0 [ 96.397997][ C0] do_syscall_64+0xca/0x1c0 [ 96.402337][ C0] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 96.408062][ C0] page_owner free stack trace missing [ 96.413272][ C0] [ 96.415444][ C0] addr ffff8881ec9a7720 is located in stack of task udevd/162 at offset 0 in frame: [ 96.424640][ C0] _raw_spin_lock+0x0/0x1b0 [ 96.428979][ C0] [ 96.431147][ C0] this frame has 1 object: [ 96.435401][ C0] [32, 36) 'val.i.i.i' [ 96.435403][ C0] [ 96.441646][ C0] Memory state around the buggy address: [ 96.447118][ C0] ffff8881ec9a7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.455020][ C0] ffff8881ec9a7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.462917][ C0] >ffff8881ec9a7700: 00 00 00 00 f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 [ 96.470900][ C0] ^ [ 96.475861][ C0] ffff8881ec9a7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.483751][ C0] ffff8881ec9a7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.491645][ C0] ================================================================== [ 96.499544][ C0] Disabling lock debugging due to kernel taint [ 96.515752][ T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.582452][ T3091] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.585787][ T372] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 96.589315][ T3091] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.590046][ T3091] device bridge_slave_0 entered promiscuous mode [ 96.612000][ T372] usb 4-1: New USB device found, idVendor=0463, idProduct=b320, bcdDevice= 0.00 [ 96.616192][ T3091] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.624916][ T372] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.630824][ T3091] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.641477][ T372] usb 4-1: config 0 descriptor?? [ 96.646217][ T3091] device bridge_slave_1 entered promiscuous mode [ 96.745864][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 96.754028][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 96.765882][ T653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 96.774116][ T653] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 96.782264][ T653] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.789188][ T653] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.796690][ T653] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 96.813201][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 96.822033][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 96.830428][ T388] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.837393][ T388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.858085][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 96.865850][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 96.888460][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 96.896640][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 96.908375][ T653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 96.926210][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.934832][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 97.118132][ T821] device bridge_slave_1 left promiscuous mode [ 97.124315][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.134641][ T372] hid-generic 0003:0463:B320.0002: hidraw0: USB HID v0.00 Device [HID 0463:b320] on usb-dummy_hcd.3-1/input0 [ 97.146210][ T821] device bridge_slave_0 left promiscuous mode [ 97.153226][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.334989][ T372] usb 4-1: USB disconnect, device number 7